Mastercard's revised scam merchant monitoring: What you need to know before July 2026
Industry
4 Feb 2026
7 min
Daniel Yaremchuk
Risk Manager, Solidgate
Mastercard is updating its mandatory scam merchant monitoring in July 2026. Learn what triggers investigations, how it affects your business, and how to prepare.
Starting July 24, 2026, Mastercard requires acquirers to investigate any merchant flagged by specific criteria within 72 hours. If confirmed as a scam operation, that merchant loses Mastercard processing immediately. This applies to all card-not-present merchants globally.
While the program targets fraudsters, legitimate merchants can be caught in the net. New merchants face particularly strict scrutiny.
A sudden spike in chargebacks, a drop in authorization rates, or a particular type of fraud reported by an issuer can trigger an investigation, even if you're running a legitimate business.
We'll explain what changed, who's affected, what triggers an investigation, and how to protect your business.
What Mastercard сhanged
Mastercard revised its standards for identifying and removing scam merchants from its network. The updated standards take effect July 24, 2026. It replaces previous guidance with specific, enforceable rules that acquirers and payment facilitators must follow.
Key change: When specific warning signals appear, acquirers must investigate the merchant within 72 hours. If confirmed as a scam, Mastercard and Maestro transactions must be blocked immediately.
Why legitimate merchants should care
The program doesn't just affect scammers. Legitimate merchants may also become the subject of investigation.
New merchants face the highest risk
Any merchant with less than six months of Mastercard acceptance history enters a heightened monitoring period. During this window, merchants are subject to stricter thresholds for chargebacks and refunds.
If more than 5% of your purchase transactions result in refunds or chargebacks combined during any 30-day rolling period (minimum 500 transactions), your acquirer must investigate you as a potential scam merchant.
Subscription and e-commerce models are particularly vulnerable
These business models naturally generate more declines, refunds, and chargebacks than traditional retail. Also, subscription merchants face lower approval rates on recurring transactions. Customer disputes over recurring charges, failed cancellation attempts, or delivery issues can push you above the 5% threshold.
False positives are expected
The criteria are designed to be sensitive. Some legitimate merchants will be flagged. While you can clear an investigation, the process takes time and resources.
Business disruption risk
Once an investigation starts, you're under scrutiny.
Who this program applies to
| Category | Details |
| Geographic scope | • Global coverage (except in Jordan) |
| Merchant types | • Merchants conducting card-not-present transactions |
| Payment infrastructure parties | • Acquirers / Payment facilitators (must conduct investigations) • Merchants / Sponsored merchants (subject to monitoring) |
| Merchant status | The program applies to all merchants, but monitoring intensity varies: • New merchants (less than six months Mastercard history): Stricter thresholds • Established merchants: Standard monitoring criteria |
| Transaction volume requirements | Some triggers have minimum transaction thresholds: • At least 25 purchase transactions (for authorization rate drops) • At least 500 purchase transactions (for refund/chargeback percentage calculations) |
What triggers a 72-Hour investigation
When at least one of these criteria is met, acquirers must begin investigating within 72 hours:
Trigger 1: Sharp authorization approval rate drops
Your authorization approval rate decreases by at least 50 percentage points over a 72-hour period (example: 95% to 45%) OR drops below 30%, during which you conduct at least 25 purchase transactions.
Exclusions: BIN attacks and system issues at the acquirer or service provider level don't count.
Why this matters: Legitimate merchants typically maintain stable approval rates. A sudden drop often indicates issuers are blocking transactions because they suspect fraud.
Trigger 2: Mastercard GRIP letter
Your acquirer receives a Global Rules Investigation Program (GRIP) letter from Mastercard linking your merchant account to suspected scam activity.
What GRIP is: Mastercard's investigation program for rule violations and suspicious activity. A GRIP letter means Mastercard has already identified concerns.
Trigger 3: New merchant fraud signals
This trigger applies only to merchants with six months or less Mastercard acceptance history, who meet any one of these three conditions:
- Multiple issuer fraud reports: Two different issuers reported at least one transaction each as scams, using fraud type 56 (Manipulation of Cardholder).
- Chargeback references to scams: At least two issuers initiated chargebacks (fraud or non-fraud) with supporting documentation mentioning scams, manipulation, or similar terms.
- Combined refund and chargeback rate exceeds 5%: More than 5% of your purchase transactions result in refunds or chargebacks (combined) during any 30-day rolling period when you conduct at least 500 purchase transactions.
Why new merchants face stricter rules: Scammers often create new merchant accounts, process quickly, then disappear. The six-month window catches this pattern.
Trigger 4: Merchant Monitoring Service Provider (MMSP) alerts
Your acquirer receives one or more alerts from a Merchant Monitoring Service Provider identifying you as a potential scam merchant or suspected of illegal activity.
What MMS Providers do: Third-party services that analyze merchant behavior patterns, monitor dark web listings, track fraud reports, and alert acquirers to suspicious activity.
The investigation outcomes
Within 72 hours of any trigger criteria being met, acquirers or payment facilitators must initiate an investigation of the flagged merchant.
| Investigation outcome: Confirmed scam | Investigation outcome: Not a scam |
| If the investigation confirms scam activity, the acquirer must immediately block the merchant's ability to submit Mastercard (and Maestro) transaction authorizations and clearing. | If the merchant is cleared, processing continues. However, the merchant remains subject to ongoing monitoring and could be flagged again if new criteria are met. |
How to prepare your business
You can't prevent trigger criteria from being monitored, but you can reduce your risk of triggering them and prepare to respond quickly if flagged.
Monitor key metrics
Track the same indicators Mastercard uses:
- Authorization approval rates (watch for sudden drops)
- Refund rates (calculate daily and over 30-day rolling periods)
- Chargeback rates (same calculation method)
- Combined refund and chargeback percentage
If you're approaching 5% combined refund/chargeback rate and you're a new merchant (less than six months) with more than 500 transactions a month, you're at risk.
Keep your communication transparent & avoid misleading practices
- Use clear product or service descriptions
- Set crystal-clear expectations at checkout
- Align marketing claims with reality
- Keep customer service records
- Have clear refund, cancellation, and subscription policies that are easy to find
Optimize your chargeback and refund management
For new merchants especially, staying under 5% is critical.
Chargeback prevention strategy includes:
- Sign up for prevention alerts to proactively refund low-value dispute claims
- Use transparent billing descriptors
- Be responsive to support requests
- Send prompt email receipts and reminders
Refund best practices:
- Make refund policies clear before purchase
- Process legitimate refunds quickly
- Track refund reasons to identify fixable issues
- Consider whether high refund rates indicate product-market fit problems
Strengthen your fraud prevention
Legitimate fraud on your platform contributes to triggering criteria. Issuers will report those transactions using fraud type 56 if they involve scams.
Action: Implement AI-powered fraud detection to catch scammers using your platform.
Maintain stable authorization rates
Sudden drops trigger investigations. Common causes:
- Processor or gateway outages (excluded from criteria, but still disruptive)
- Sudden changes in transaction patterns that trigger issuer fraud rules
- Expansion to new high-risk markets without preparation
Action: Test new markets with small transaction volumes first. Work with your acquirer to communicate planned business changes in advance.
Work with your acquirer proactively
- Communicate business model changes in advance
- Report unusual transaction patterns you anticipate (seasonal spikes, new product launches)
- Ask about their investigation procedures, so you know what to expect
- Ensure they understand your business model
How Solidgate helps you stay compliant
Real-time payment monitoring and alerts
Our platform tracks the metrics that trigger Mastercard investigations:
- Real-time authorization rates
- Refund rates
- Fraud rates
- Dispute rates and patterns
- Transaction success rates by processor, region, and payment method
- Historical trend analysis
- Combined refund/chargeback percentages (calculated over rolling 30-day periods)
You see the same data your acquirer monitors. No surprises.
Automated payment receipts
Solidgate allows you to send in multiple languages. They include important transaction details, making it easy for your customers to reference their purchase history and recognize the source of communication.
Chargeback prevention and management
Our integrated approach helps you stay under critical thresholds:
- Chargeback alerts: Receive Ethoca before disputes become chargebacks, giving you time to resolve issues directly with customers.
- Dispute representment automation: When chargebacks are filed incorrectly, we help you respond with documented evidence. This allows you to challenge and win more disputes, improving your standing with issuer banks.
- Pattern analysis: Our dispute dashboard helps you identify which products, transaction types, or customer segments generate the most disputes, so you can address root causes.
Advanced antifraud protection
Our fraud detection engine helps prevent scam transactions that could trigger investigations:
- Analyze 600+ risk signals in milliseconds using device fingerprinting and global fraud network patterns
- Machine learning adapts to your transaction patterns, reducing false positives
- Customizable rules block high-risk activity while approving legitimate customers
Smart routing reduces authorization declines
Higher approval rates mean fewer sudden drops that trigger investigations. Our orchestration platform includes routing logic that optimizes approval rates:
- Route transactions to processors with the highest approval rates for specific transaction types
- Implement fallback routing when primary processors decline
- Use regional processors for better local approval rates
Expert guidance
Our team has experience with card network compliance programs (we helped clients navigate VAMP). We can:
- Review your transaction patterns for red flags
- Recommend operational changes to reduce risk
- Help you prepare documentation for potential investigations
- Connect you with the right resources if you're flagged
Payment method diversification
Reducing dependency on any single payment method or processor gives you flexibility. We provide multiple acquiring relationships and support multiple payment methods, reducing single-point-of-failure risk.
Proactive compliance approach
We track card network rule changes and communicate relevant updates to clients before they take effect. When Visa launched its Acquirer Monitoring Program, we provided clients with monitoring tools, threshold tracking, and operational guidance.
👉
We're applying the same framework to Mastercard's scam merchant monitoring.
👉
We're applying the same framework to Mastercard's scam merchant monitoring.
Talk to your account manager about your specific risk profile. We can assess whether your current metrics would trigger investigations and recommend operational adjustments.
New to Solidgate?