Mastercard EFM Program: How to Calculate Your Mastercard Fraud RateThere’s More Than One Way to Land in Mastercard’s EFM Program
Which Incidents Count Toward Your Mastercard Fraud Rate?
When it comes to Mastercard’s EFM program, they’re not just looking at chargebacks.
It’s true that they’re primarily examining fraud tied to one specific chargeback reason code (reason code 4837 — No Cardholder Authorization). But, there’s a lot more that goes into your fraud rate than just counting the number of monthly incidents. Mastercard analyzes the total value of all confirmed fraudulent transactions, 3-D Secure usage ratios, and other factors, giving multiple data points to identify risky merchants.
For this chapter, we’re discussing how to calculate your Mastercard fraud rate so that you can self-monitor whether you’re at risk for enrollment in the Mastercard fraud monitoring program.
Calculating Your Mastercard Fraud Rate
One of the four criteria that Mastercard uses to determine whether you’ll be placed in the EFM is your fraud chargeback rate. On the simplest level, this figure is calculated as:
(Number of eCommerce first presentment fraud chargebacks in the current month / Number of eCommerce sales in the current month) x 100
But there are some nuances to this calculation. Mastercard only considers fraud-related chargebacks experienced by eCommerce merchants. These are specifically defined as chargebacks resulting from a card-not-present transaction, and which were filed using reason code 4837 — No Cardholder Authorization.
Chargebacks associated with other reason codes, or those associated with face-to-face transactions, are not included in the fraud rate calculation.
Chargebacks filed using legacy reason code 4863 — Cardholder Does Not Recognize — Potential Fraud were also subject to consideration for the EFM program. But, this reason code has been retired and is no longer used.
And, like I mentioned above, only card-not-present (CNP) transactions are considered. If you sell online and in-person, only the number of CNP transactions you submit for processing in the last month will factor into the denominator for the purposes of this fraud rate calculation.
Other Factors in Program Inclusion
Of course, your fraud rate isn’t the only factor considered for enrollment in the EFM.
For instance, the total value of transactions involved in fraud chargebacks must exceed EUR/USD 50,000 in the last month. This figure is calculated by simply adding the value of current-month CNP transactions that carry chargeback reason code 4837.
Mastercard imposes stricter thresholds on merchants in certain regions. If you’re an Australian merchant, you must keep your fraud rate under 20 basis points (0.2%) and your fraud amount below $15,000 USD to remain in the clear.
Because Mastercard evaluates both your fraud rate and fraud volume for compliance, both the prevalence and magnitude of fraud-related chargebacks matter for the purposes of EFM. If you receive a large number of fraud-related chargebacks relative to eCommerce sales (high prevalence), but the value of fraud-related transactions are modest in aggregate (low magnitude), you may be spared from involuntary enrollment into the program.
The remaining two criteria matter, too. For instance, you’ll also need to make at least 1,000 eCommerce sales in the current month and have neglected to use 3-D Secure to protect most of your transactions.
| Number of Electronic- Commerce Transactions | Fraud Chargeback Amount | Fraud Chargeback Basis Points | 3DS Utilization (Including Data Only Transactions) |
| 1,000 or more | EUR/USD 50,000 or more | 50 or more | - Less than 10% (Non-regulated Countries) - Less than 50% (Regulated Countries) |
The key takeaway here is that small-scale eCommerce sellers, larger retailers who almost exclusively do business in-person rather than online, and merchants who use 3DS to authenticate most or all of their CNP transactions are all at fairly low risk of being placed in the Mastercard EFM program.
