Mastercard is initiating several changes in support of the U.S. Assurance Framework, including the following:
- A new compliance program for e-commerce fraud with financial penalties for noncompliance
- Details of the Mastercard Account Data Compromise Relief programThe objective of Mastercard’s U.S. Assurance Framework is to secure the digital card-not-present ecosystem. It encourages the use of technology to protect the cardholder
Excessive Fraud Merchant compliance program
The new compliance program for merchants in the U.S. region is called the Excessive Fraud Merchant (EFM) program. The goal of the EFM compliance program is to reduce fraud for e-commerce transactions and secure the ecosystem, providing a better experience for cardholders and ultimately an increase in approval rates for all stakeholders. The EFM program will measure compliance at the merchant ID (MID) level and send the notifications and potential financial assessments to their acquirer.
A merchant in the U.S. region is identified by the EFM program if all the following conditions are met:
- Minimum of 1,000 e-commerce transactions in clearing
- Monthly net fraud is greater than the currency threshold shown in the following table
- Monthly net fraud is greater than the basis points threshold shown in the following table
- Penetration of 3DS and/or data only transactions is less than the total card-not-present volume threshold below
Period | Currency threshold | Net fraud bps threshold | 3DS percent threshold (EMV 3DS + data only) |
October 2019* | U.S. $50,000 | 50 | 10 |
*Thresholds will be reviewed on an annual basis
Financial assessments start March 1, 2020, based on the following table.
Number of EFM months | Assessment | Total accumulated assessment |
1 | $0.00 | U.S. $0.00 |
2 | $500 | U.S. $500 |
3 | $1,000 | U.S. $1,500 |
4 to 6 | $5,000 | Month 4—U.S. U.S. $6,500 |