Being enrolled in fraud monitoring programs can be stressful and frightening — and the Visa® fraud monitoring program is no exception.
So what happens when enrollment is unavoidable? What can you do? We’ll walk you through everything you need to know about the Visa monitoring programs and actions you can take to resolve fraud issues.
What is the Visa Fraud Monitoring Program (VFMP)?
Visa has two fraud monitoring programs:
- the global Visa Fraud Monitoring Program (VFMP)
- the Visa Fraud Monitoring Program - 3D Secure (VFMP-3DS) for US-based merchants
These programs exist to monitor merchant accounts for compliance to Visa’s fraud thresholds. When merchants fail to comply with those standards — by having excessive fraud and chargeback levels — they are automatically enrolled by their acquiring bank.
Merchants are enrolled in a Visa fraud monitoring program only if they exceed the thresholds for both the fraud ratio and fraud amount. The thresholds vary slightly for each program.
For the Visa Fraud Monitoring Program (VFMP), there are four classification types. Each month you breach both thresholds you could be classified in as one of the following:
|Fraud amount threshold
|Fraud ratio threshold
|High risk merchant
Keep in mind that the early warning classification is not an actual violation. It’s an alert that your merchant account is close to the violation — which starts at the standard threshold.
For the Visa Fraud Monitoring Program - 3D Secure (VFMP-3DS), there are only two classification types. Each month you breach both thresholds you could be classified in as one of the following:
|Fraud amount threshold
|Fraud ratio threshold
Again, the early warning classification is not an actual violation and you will not be issued any fines.
Calculating your fraud ratio
Your fraud ratio or fraud rate is the total number of fraud reports (TC40s) you receive in the current month divided by your monthly sales volume for the same month.
Visa Fraud Monitoring Program (VFMP)
For the VFMP, that calculation would look like this:
An example would be:
Visa Fraud Monitoring Program - 3D Secure (VFMP-3DS)
For the VFMP-3DS, that calculation would look like this:
An example might be:
If you are enrolled in the VFMP, you will be issued fines in one large, lump-sum amount each month. The fines and penalties you owe will depend on your program classification — standard, high-risk, or excessive. Fines start much earlier if you are classified as high-risk or excessive.
Regardless of the classification, the longer you are in the program, the more you’ll pay in fines. Costs usually range from $10,000 USD to $75,000 USD per month.
If you are enrolled in the VFMP-3DS, you won’t be issued any fines, but you will lose liability shift protections until you exit the program.
How Fraud Monitoring Programs Can Affect Your Business
Fraud alone can cause a lot of harm to your business — reputation loss with banks and customers, increased labor costs, and more.
Additionally, being enrolled in a fraud monitoring program can increase the strain on your business — draining resources that would otherwise be dedicated to normal business operations. Plus, the fines you accrue from the program can put a huge dent in your bottom line.
The reality is being enrolled in a program puts your merchant account in jeopardy.
If you are enrolled in a program for too long, your acquiring bank is required to close your account so you can no longer accept Visa payments. However, your acquirer will likely close your account much sooner.
Enrollment in a monitoring program tells your acquiring bank you are struggling to detect and stop fraudulent activity. Your shortcomings could become a liability for your acquirer — and your acquirer probably isn’t willing to take that risk.
NOTE: In addition to the fraud rate, Visa monitors your chargeback rate as well. If you’re having fraud issues, chances are you’re also having chargeback issues. You could face enrollment in both the VFMP and the Visa Dispute Monitoring Program (VDMP) at the same time if you have excessive fraud and chargebacks.
What to Do When You Are Enrolled in the VFMP
So how do you overcome enrollment in one of Visa’s fraud monitoring programs? You start with a strategy for how you’re going to resolve the fraud issues that landed you in the program. Then, you can focus on getting out of the program.
Develop a remediation plan
Part of a fraud monitoring program is to help merchants develop an effective risk management strategy. Visa will likely request that you submit a remediation plan outlining the steps you plan to take to resolve issues and regain compliance.
Most remediation plans include the following key elements.
Card networks need to get a good sense of who you are. Describe what type of business you own, payment and billing methods you accept, marketing efforts, and any other notable aspects of your business.
Provide details about your return and refund policies, terms and conditions, and any other internal procedures that could be related to your fraud issues.
Provide details of the events that lead to the excessive level of fraud and high fraud rate. You may need to take a closer look at your data to figure out the root cause of the issues so you know exactly what happened.
Risk management strategy
Your strategy for reducing risk is one of the most important parts of the remediation plan. You’ll need to provide a description of all fraud tools and prevention methods you plan to use, when you will implement them, and how those will help prevent fraud issues in the future.
Provide a detailed description of steps you will take to reduce fraud and chargeback rates — the technologies you will use, when you will implement them, and your expected results. You’ll also need to include a backup plan in case the first plan fails.
Resolve fraud issues
The most important step to take when enrolled in a monitoring program is to get your fraud issues under control. You want to find a solution that can solve your issues in a reasonable amount of time but also provide long-lasting benefits so that you never face enrollment in a program again.
Resolving fraud starts with a well-rounded risk management strategy.
insert_chart Conduct data analysis
Some fraud issues — like friendly fraud — are difficult to track because card brands don’t have a specific reason code for it. Issues like customers trying to get items for free by disputing purchases with their banks or kids making purchases without the cardholder’s knowledge are all just fraud.
But these issues can be prevented as long as you’re able to discover them. And the only way to find those cases of fraud is with data analysis. You need to look for patterns of behavior across a customer’s history to identify anomalies that could indicate friendly fraud.
storage Implement fraud technology
Using fraud detection software is the quickest way to reduce fraud accurately and effectively — which is especially important when you have a limited amount of time. Look for technology that allows you to customize solutions to fit your business needs.
The best part about using technology is that you don’t have to use all your internal resources to get the issue under control. The technology can work independently and much quicker than a human.
security Update web security protocols
An easy way to minimize fraud is by updating or adding to your website security protocols. Make sure you have a firewall so that you can monitor incoming and outgoing traffic on your site and block suspicious traffic.
Additionally, add authentication tools like CAPTCHAs during checkout to verify that the user interacting with your site is a human. Using these protocols will help you block bad traffic from bots that can run automated tasks such as card testing and credential stuffing.
account_box Use verification tools
Implementing verification tools is one way to check if the cardholder is actually the one making a purchase. And there are a few ways you can do that.
3D Secure 2.0 (3DS)
3DS is an identity verification tool that authenticates card-not-present transactions. Whenever a customer makes a purchase, you can send information — such as shipping address and order history — to the customer’s bank. The bank receives that information and reviews it to determine the probability of fraud. Based on the analysis, the transaction can be accepted or challenged.
Address verification service (AVS)
AVS allows you to compare the billing address a customer provides during checkout to the billing address on file with their bank. If the addresses don’t match, the transaction may be declined.
Card verification value (CVV)
The security code printed on a debit or credit card is meant to verify that the shopper has physical possession of the card. Requiring that customers enter the CVV during checkout can stop fraudsters who obtain stolen card information from an online hack.
question_answer Communicate with customers
Friendly fraud happens for a variety of reasons — customers don’t recognize purchases, want to get goods for free, experience buyer’s remorse, and more. The best way to tackle these issues is to communicate with customers throughout the buying journey.
- Providing clear billing descriptors so customers recognize their purchases and don't incorrectly claim fraud
- Sending reminders before recurring billing renewals — especially ones that are quarterly or annually
- Sending order confirmation emails to let the cardholder know a purchase has been made
Additionally, you can use order validation — which gives customers and banks detailed purchase information. This tool helps clear up billing confusion. Plus, with Visa CE 3.0, your fraud ratio can be reversed with the right evidence.
Exiting the program
To leave either of Visa's fraud monitoring programs, your merchant account needs to be below the Standard threshold for three consecutive months. That means if either your fraud ratio or fraud amount fall below the threshold, you will be considered compliant for the month.
Want help exiting a Visa fraud monitoring program?
If you’ve been enrolled in a monitoring program, you need rapid results. And the best way to see quick and accurate improvements to your fraud situation is to use fraud detection technology.
Kount® can help. Kount has the industry’s leading fraud detection and prevention software with proven-effective solutions. Sign up for a demo today to learn more.