Mastercard Revised Standards for Potential Scam Merchant Monitoring
Mastercard has revised its Standards for Potential Scam Merchant Monitoring as outlined in the document GLB 12772, effective July 24, 2026. All stakeholders are encouraged to review these changes and implement plans accordingly.
Key Updates in the Revised Standards
Overview
Effective Date: July 24, 2026
Revisions Include:
- Updates to the Security Rules and Procedures.
- New guidelines for Fraud Loss Control Standards and Merchant Monitoring.
Chapter Highlights
Chapter 6: Fraud Loss Control Standards
- Ongoing Merchant Monitoring:
- Acquirers must carry out periodic reviews of transaction activities for merchants to detect:
- Monthly transaction volumes with respect to:
- Total Transaction count and amount
- Number of credit (refund) Transactions
- Number of fraudulent Transactions
- Average ticket size
- Number of chargebacks and basis points
- Activities inconsistent with business models
- Transaction Laundering
- Potentially illegal activities
- Monthly transaction volumes with respect to:
- Acquirers must carry out periodic reviews of transaction activities for merchants to detect:
- Investigation Requirement:
- For merchants with less than six months of acceptance history – if over 5% of transactions are subject to refunds or chargebacks within a rolling 30-day period, an investigation for potential scam Merchant is required.
Chapter 7: Merchant, Sponsored Merchant, and ATM Owner Screening Standards
Acquirers or Payment Facilitators must begin an investigation within 72 hours if any of the following criteria indicate a Merchant or Sponsored Merchant may be a potential scam:
- Authorization Rate Drop: If the merchant conducts at least 25 transactions over 72 hours and experiences a decrease in authorization approval rates by 50 percentage points or more (e.g., from 95% to 45%) or falls below 30% (excluding system issues).
- GRIP Letter: Receipt of a Mastercard Global Rules Investigation Program (GRIP) letter related to a suspected scam Merchant.
- New Merchants (≤ 6 months Mastercard processing):
- Two Issuers reported transactions from the entity as scams via the Fraud and Loss Database (FLD);
- At least two Issuers initiated chargebacks (with documentation) related to scams or manipulation;
- More than 5% of the entity’s transactions are subject to refunds or chargebacks within a rolling 30-day period (conducting at least 500 transactions).
- MMSP Alerts: Alerts from Merchant Monitoring Service Providers (MMSPs) identifying the entity as a potential scam Merchant or involved in illegal activity.
Additionally, Acquirers are required to daily check the FLD for new scam merchant listings using available Fraud Insights alert reports or Acquirer Loss File batch reports.
Notes
- The revised standards do not apply in Jordan.
Conclusion
Mastercard recommends the use of Merchant monitoring solutions to monitor merchant activity and to avoid processing illegal or scam acitvities.
These updated standards aim to enhance monitoring processes and ensure timely actions against potentially fraudulent merchants. Stakeholders are urged to integrate these revisions into their operational practices.
For detailed information, please refer to the full manual on Mastercard Connect™ through the Technical Resource Center.
Want to learn more about merchant risk services? Visit our Youtube Channel.
Subscribe to our newsletter
Keep up to date with the latest industry news and up and coming innovations!
About Austreme
Austreme Technology is an industry leader specialising in ecommerce acquiring payment risk technologies and services. We provide a wide range of financial risk management services for global customers such as big data analytics, anti-transaction laundering, merchant website risk content monitoring, merchant onboarding and chargeback prevention. Austreme is a MasterCard Merchant Monitoring Service Provider (MMSP) since 2015, and a Visa Third Party Agent (TPA).