VAMP is Visa’s newer framework for monitoring fraud, chargebacks, and card-testing activity for merchants and acquiring companies. For businesses, this will change how they manage chargebacks due to fraud and customer complaints being reported under this program.
VAMP stands for Visa Acquirer Monitoring Program. This program unifies the functions of monitoring fraud and chargebacks into a single program. Previously, Visa maintained separate monitoring programs for fraud and chargebacks. However, under the VAMP program, merchants must think about fraud, chargeback and fraud prevention, dispute alerts and refunds, and the security of the checkout process.
Why Businesses Need Specialized VAMP Support
VAMP exists to give acquirers and processors a better understanding of the risks that merchants create. Too many fraud reports from a merchant will not only impact that business but also the acquiring bank’s other merchants as well. Thus, this puts additional pressure on the processors to take action to control the damage these merchants can do to their acquiring partners.
This issue is especially important for high-risk and card-not-present merchants. High-risk merchants can include subscription companies, ecommerce businesses, CBD products, nutraceuticals, vape products, adult products, dating websites, gaming companies, travel companies, digital goods, and tech support companies.
Friendly fraud is another challenge that VAMP creates for processors. According to the Visa Acceptance Solutions 2026 Global eCommerce Payments & Fraud Report, 64% of merchants are seeing an increase in first-party fraud, also known as friendly fraud. Friendly fraud is when a merchant allows someone to purchase a product from them but then later disputes the transaction.
Who the Visa VAMP Program Effects Most
This guide is most useful for:
- high-risk merchants
- ecommerce businesses
- subscription and continuity merchants
- SaaS and digital goods companies
- adult, dating and gaming merchants
- CBD, vape and nutraceutical sellers
- travel and future-delivery businesses
- merchants with rising chargebacks or fraud reports
- businesses receiving processor warnings or reserve increases
- merchants trying to understand VAMP before it becomes urgent
The more your business depends on online checkout, recurring billing, card-on-file payments, high-ticket sales, digital delivery, paid traffic, affiliates, or international customers, the more important VAMP becomes. These models need proactive monitoring rather than waiting for chargebacks to surface after the damage is already done.
VAMP Terms and Risk Signals Explained
VAMP uses several related terms, and they can be confusing at first. The key is understanding what each term means in plain English and how it affects the merchant account.
| Term | Plain-English Meaning | Why It Matters |
|---|---|---|
| VAMP | Visa’s combined fraud and dispute monitoring program | Replaces older separate Visa fraud and chargeback monitoring programs |
| VAMP Ratio | Fraud plus non-fraud disputes divided by total settled Visa transactions | Measures whether a merchant or acquirer has too much combined fraud and dispute activity |
| TC40 | Visa’s fraud report record | Fraud reports can affect VAMP even before a merchant thinks of the issue as a chargeback |
| TC15 | Visa’s dispute or chargeback record | Customer disputes are part of the VAMP risk picture |
| Enumeration Attack | Bot-driven card testing on a merchant’s checkout page | Can create processor scrutiny even when many attempts fail |
| Enumeration Ratio | Enumerated attempts divided by total authorization attempts | Measures how much authorization activity looks like card testing |
| VAAI | Visa Account Attack Intelligence, the score Visa uses to flag enumeration | Helps Visa identify likely card-testing activity |
| Above Standard / Excessive | Warning tiers that trigger fees and scrutiny | Signals that fraud, disputes, or enumeration activity is too high |
For merchants, the practical takeaway is simple: VAMP is not just a chargeback program. It is a broader monitoring framework for fraud, disputes and card-testing behavior.
VAMP Risk Reduction Tools and Solutions Compared
VAMP risk is best managed with a mix of prevention, monitoring and response tools. No single tool solves the entire problem.
| Tool or Support Type | Best Fit | Key Strength | Main Tradeoff |
|---|---|---|---|
| Payment Nerds | Merchants that need VAMP-aware payment strategy and account stability | Helps with high-risk underwriting, ratio monitoring, fraud controls, Verifi, Ethoca, 3DS and processor-fit guidance | More consultative than a standalone software tool |
| Verifi | Merchants that need Visa-focused pre-dispute tools | Helps resolve disputes before they become formal chargebacks | Needs clear refund rules and configuration |
| Ethoca Alerts | Merchants that want early issuer fraud and dispute alerts | Gives merchants faster notice to refund, stop fulfillment, or investigate | Does not replace root-cause dispute prevention |
| 3DS | Higher-risk card-not-present transactions | Adds issuer authentication to help reduce fraud exposure | Poor setup can add checkout friction |
| Fraud Filters and Velocity Rules | Ecommerce and subscription merchants | Helps block suspicious behavior before authorization or fulfillment | Needs tuning to avoid false declines |
| Bot and Enumeration Controls | Merchants with checkout abuse or failed-authorization spikes | Helps stop card-testing traffic | Requires monitoring across gateway and checkout data |
These tools work best when they are connected to the merchant’s payment workflow. A business that uses Verifi but keeps unclear billing terms may still get disputes. A business that adds fraud filters but ignores refund delays may still see TC15 pressure.
Understanding VAMP for High-Risk Merchants
For high-risk merchants, VAMP creates more pressure on them from their processors. The high chargeback ratio alone puts them in a difficult spot with account stability. On top of that, fraud and card-testing reports add more pressure.
High-risk merchants need stronger payment solutions. They need underwriting processes and products with clear descriptions and billing, great customer support, descriptor, refund and chargeback processes and fraud software and reports.
For Payment Nerds, this offers an opportunity to better understand the challenges generic processors face. Because they want to avoid high-risk merchants, Payment Nerds can provide merchants with the tools and the knowledge to find the right processor for their business, avoid the issues with processors and have a better foundation to grow their current business.
How Payment Nerds Helps Businesses Manage VAMP Risk
Payment Nerds believes in approaching VAMP as an issue of account health rather than as an acronym to remember. The goal is to reduce fraud, disputes and card testing for the merchant while still allowing the merchant to accept payments from their customers.
We help merchants with:
- reviewing their current fraud and dispute issues
- understanding their VAMP ratio and exposure
- determining whether their issues come from TC40 reports, TC15 disputes or enumeration activity
- implementing Verifi, Ethoca, 3DS, fraud filters or bot controls to fix those issues
- finding the right payment processor relationships for merchants with high VAMP risk
- improving their payments processes overall
- preparing for any reviews from their payment processors
Our goal is not to scare merchants with VAMP. Our goal is to make sure that merchants are aware of the risks early enough in their accounts with a processor to take steps to fix the issues.
How to Prepare for the Visa Acquirer Monitoring Program
Start with measurement. Track the number of chargebacks, fraud reports, refunded amounts, failed authorizations, reasons for chargebacks, complaints and suspicious activity at your business. Reviewing the number of chargebacks for each merchant monthly means the merchant is missing the warning signs of upcoming issues.
Next, find the root of the problem. For example, if a merchant sells subscriptions, one trial offer may cause most of the disputes. For an ecommerce store, one checkout page may be used for card testing. For travel businesses, travel delays may result in most of the TC15 chargebacks. For digital goods, instant access leads to most fraudulent transactions.
Fix the problems found. With the root of the issue found, the merchant can take steps to fix it. Examples include changing the way in which the merchant bills customers for products or services, implementing systems to remind customers of upcoming renewals, improving the way in which customers can cancel subscriptions, implementing alerts for chargebacks, adjusting the fraud rules for the merchant’s platform, implementing 3D Secure for sensitive transactions, or implementing bot protection on merchant checkout pages.
VAMP Monitoring and Fraud Prevention Costs Explained
The cost of VAMP monitoring will vary depending on your merchant’s risk level, transaction volume, dispute volume, fraud prevention tools and their merchant processor. Costs may include payment alert fees, Verifi fees, Ethoca fees, 3DES fees, fraud screening software fees, gateway rule costs, bot protection costs and staff time.
A better question is how much unmanaged VAMP risk could cost your business. Too many fraud reports, disputes and enumeration attempts can cost a business in fees, reserves, reviews and revenue loss.
For high-risk merchants, these tools can be seen as necessary account protection tools that may cost more in initial investment but can save a business in decreased disputes, decreased fraud loss and an easier merchant account to manage for the acquiring bank.
Common VAMP Mistakes Businesses Should Avoid
The biggest mistake is thinking it’s only about chargebacks. VAMP includes fraud reports, non-fraud disputes, and enumeration monitoring. Any merchant who doesn’t fight chargebacks once they occur is already late in the process.
Another mistake is ignoring failed authorizations. Enumeration can come in the form of failed authorizations before the fraudulent order is completed. Gateway attempts should be monitored, not settled transactions.
Finally, another mistake is waiting for the processor to warn of impending problems. Visa has the Above Standard and Excessive tiers for warnings of disputes, fraud, and other reasons for chargebacks. High volumes of these should be addressed before they become a problem for the account.
How the Visa VAMP Program Works
VAMP
VAMP is the name for the system that Visa uses to monitor for fraud and chargebacks/merchandising disputes. Visa does not have separate systems for monitoring for fraud and disputes; rather, the two types of issues are recognized and factored into one system. For merchants, this means that there is no separate system for managing fraud and chargebacks; both systems are addressed within the VAMP program.
VAMP Ratio
The VAMP ratio is fraud plus non-fraud disputes divided by total settled Visa transactions. In plain English, it compares the number of fraud and dispute events against the number of Visa transactions the merchant settles. This ratio matters because it gives processors a measurable way to judge whether a merchant’s risk is under control. If the ratio rises, the merchant may face more scrutiny, remediation requirements, reserve pressure, or account instability.
TC40
TC40 is the record of the fraud reports that are submitted to Visa. These reports are created when merchants report instances of fraud; while merchants may pay attention to chargebacks, fraud reports such as TC40 are also important to Visa and to the merchant. The merchant can reduce its TC40 reports by increasing the quality of its fraud filters, reviewing orders for potential fraud, using AVS and CVV codes to verify the customer’s card, using 3D Secure authentication for certain transactions, and by monitoring for potential fraud prior to the merchant receiving payment for those orders.
TC15
TC15 is the record of the disputes (chargebacks) submitted by the merchant’s customers. These charges can result from friendly fraud, poor support from the merchant, the merchant offering products that customers are not satisfied with, providing duplicate charges or poor fulfillment of orders, providing a service that is not as good as other providers of that same service, or customers not recognizing the merchant’s Visa transaction descriptor.
Bot Protection and Enumeration Controls
An enumeration attack is performed with bots and targets the merchant’s checkout page. These bots will attempt to use various stolen and guessed credit card numbers to attempt to complete transactions on the merchant’s site. These actions can happen prior to any customers completing those transactions with the merchant. Because of the way that Visa monitors for fraud and chargebacks, enumeration attacks are also monitored separately from the VAMP ratio.
VAAI and Enumeration Ratio Explained
VAAI stands for Visa Account Attack Intelligence. This scoring system is used by Visa to determine whether there is likely an enumeration attack being performed on a merchant’s website. The enumeration ratio is the number of enumerated authorization attempts divided by the total number of authorization attempts on the merchant’s site. Merchants that have online checkout or payment areas should utilize bot controls, velocity filters, CAPTCHA software in appropriate areas on their website, and payment gateway filters to reduce these attacks and associated ratios.
FAQs About VAMP
Q: What is VAMP?
A: Visa Acquirer Monitoring Program (VAMP) is a combined program for fraud and dispute monitoring for Visa. This has essentially replaced the separate Visa fraud and chargeback programs.
Q: What is the Visa VAMP program?
A: The Visa VAMP program monitors the activity of fraud, disputes, and enumeration activity across merchants and Visa acquirers. Essentially, it allows Visa to monitor and determine if the risk of fraud on merchants is becoming too high.
Q: What is the VAMP ratio?
A: The VAMP ratio is fraud plus non-fraud disputes divided by total settled Visa transactions. This calculates the number of fraud incidents and disputes a merchant has compared to Visa’s total sales.
Q: What are TC40 and TC15 records?
A: TC40 is the record for fraud reports for Visa. TC15 is the record for Visa’s dispute or chargeback reports. Both reports are part of the VAMP report for merchants.
Q: What is an enumeration attack under VAMP?
A: An enumeration attack involves bots attempting to use Visa cards on a merchant’s website. The goal of these bots is to identify valid compromised Visa card numbers may have been compromised through phishing and other means.
Q: What are Above Standard and Excessive under VAMP?
A: Both of these are warning statuses for merchants with high levels of fraud, disputes, or enumeration activity. Both statuses incur fees for merchants.
Q: How can Payment Nerds help with VAMP?
A: Payment Nerds can assist merchants in evaluating their VAMP status, creating fraud and dispute monitoring programs, and ensuring that their payment processors are the best fit for their business to minimize VAMP-related risks.
Conclusion
VAMP provides merchants with a clear reason to manage fraud, disputes, and testing together. The Visa Acquirer Monitoring Program is more than just a network rule update for merchants. It is a helpful update that reminds merchants of the importance of monitoring fraud before it becomes a processor problem.
If you are a business seeking to understand more about VAMP and how it can assist with chargebacks, enumeration attacks, or a high-risk merchant account, Payment Nerds may be of assistance. We do not just offer merchants tools to monitor Visa payments for the Visa Acquirer Monitoring Program. We also provide merchants with a payment strategy that works in the current market and aligns with current payment standards, keeping their payment processing active and in line with industry regulations.
Sources
- Visa. “Visa Acquirer Monitoring Program Fact Sheet.” Accessed May 2026.
- Visa. “Visa Account Attack Intelligence Score.” Accessed May 2026.
- Visa Acceptance Solutions. “2026 Global eCommerce Payments & Fraud Report.” Accessed May 2026.
- Verifi. “Resolve Pre-Disputes Automatically.” Accessed May 2026.
- Verifi. “Resolve Disputes with CDRN and RDR.” Accessed May 2026.
- Ethoca. “Ethoca Alerts.” Accessed May 2026.
- Ethoca. “Prevent Chargebacks.” Accessed May 2026.
- Stripe. “3D Secure 101.” Accessed May 2026.
- PCI Security Standards Council. “Merchant Resources.” Accessed May 2026.
