Mastercard Merchant Trust Services and the 2026 Scam Merchant Rules Explained

According to Mastercard, the system uses:

• Network‑wide transaction intelligence
• Cybersecurity and threat‑intelligence signals
• Identity verification and risk analytics
• Real‑time monitoring of merchant activity

These signals allow Mastercard and its partners to spot patterns that suggest scams—such as suspicious transaction behavior, abnormal merchant activity, or links to known fraud infrastructure—across both online and in‑store commerce.

The goal is to shift fraud detection earlier, preventing scam operations from scaling rather than reacting only after customers file disputes or chargebacks.

How Scam Merchant Detection Works

Mastercard’s approach relies on analyzing large volumes of transaction data and ecosystem‑level signals to identify anomalies and fraud patterns.

The system can provide risk intelligence and monitoring tools that help acquirers and payment service providers evaluate merchants during several phases of their lifecycle:

1. Merchant onboarding
Screening and due‑diligence checks help identify suspicious businesses before they process payments.

2. Ongoing transaction monitoring
Aggregated network data allows models to detect unusual behavior patterns across the global payment network.

3. Risk scoring and investigation signals
Risk signals can prompt further investigation by acquirers when activity resembles known scam patterns or fraud campaigns.

This ecosystem‑level intelligence allows risk models to learn patterns from anonymized transaction data across the global network, helping identify anomalies that might not be visible to a single payment processor.

Key Enforcement Changes Starting July 24, 2026

A major operational shift arrives with updated scam‑merchant monitoring rules that take effect on July 24, 2026. These changes impose stricter responsibilities on acquiring banks and payment facilitators.

72‑hour investigation requirement

If a merchant is flagged for potential scam activity, the acquiring bank must launch an investigation within 72 hours.

This rule applies across Mastercard’s network and is mandatory rather than advisory.

Immediate termination for confirmed scams

If the investigation confirms the merchant is operating a scam, the processor must immediately stop the merchant from accepting Mastercard transactions.

Industry explainers emphasize that this process typically involves:

• No grace period
• No progressive fines
• Immediate removal from Mastercard processing

The approach is designed to quickly remove confirmed scam merchants before more consumers are affected.

Multi‑trigger monitoring signals

The updated monitoring framework relies on multiple risk triggers that can initiate an investigation. Examples cited in industry explanations include:

• Sudden drops in authorization approval rates
• Spikes in chargebacks or fraud reports
• Fraud alerts originating from issuing banks

For example, a sharp decline in authorization approvals—such as a drop of roughly 50 percentage points or falling below a low approval threshold within a short period—can trigger review signals in monitoring systems.

Similarly, suspicious spikes in refunds or chargebacks may indicate deceptive merchant behavior and prompt an investigation.

Website‑Scanning Rules Already Active Since January 2026

Separate updates to Mastercard’s Merchant Monitoring Program took effect January 1, 2026, focusing on earlier detection of fraudulent e‑commerce sites.

Under these requirements:

• Newly onboarded merchants must undergo an initial website or transaction‑laundering scan before their first transaction.
• Monitoring must cover the entire merchant website, including restricted or password‑protected areas where products or services may be offered.

These scans are intended to identify deceptive storefronts, hidden offers, or transaction‑laundering schemes that attempt to disguise the true nature of a merchant’s business.

Why Mastercard Is Expanding Merchant Monitoring

Scam merchants often exploit the delay between launching a fraudulent storefront and accumulating enough chargebacks for traditional monitoring systems to react. Mastercard’s newer framework attempts to close that gap.

By combining network‑level intelligence, cyber threat signals, and stricter monitoring rules for acquiring banks, the company aims to:

• Detect scam merchants earlier in their lifecycle
• Reduce consumer losses from fraudulent sites
• Improve trust across the payment ecosystem

In practice, the system represents a shift toward proactive fraud prevention—using shared intelligence across the payment network to identify suspicious merchants before large‑scale damage occurs.