Card Account Updater: How It Works, What It Fixes, and When Merchants Still See Declines

Written by Tyler DurbinJune 23, 2026
Merchant Alternatives is reader-supported. When you make purchases through links on our site, we may earn a commission. This is always at no additional cost to you and helps us continue to provide accurate, transparent and up-to-date information on the things that matter most to your business, for free.

If you store cards for subscriptions, memberships, invoices, or one-click reorders, you have a quiet enemy: valid customers whose cards stop working because the credential changed. Cards get reissued after fraud events, banks merge, accounts upgrade, and expiration dates roll.

A card account updater is a set of card-network programs (Visa, Mastercard, Amex, and Discover) that can send updated card details to your processor or gateway so future charges keep working without the customer re-entering their card. The practical goal is simple: reduce avoidable declines, protect recurring revenue, and cut down on "please update your payment method" support tickets.

This guide explains what account updater is, how it differs from network tokenization, what data you should expect back, and how to implement it in a way that actually improves approval rates.

What is a card account updater (and what problem does it solve)?

A card account updater is a network service that helps keep stored card credentials current when the issuer replaces the card. Checkout.com summarizes the major programs as Visa Account Updater (VAU), Mastercard Automatic Billing Updater (ABU), American Express Card Refresher, and Discover Global Network Account Updater. Source: https://www.checkout.com/blog/credit-card-account-updater

For merchants, the core problem is credential drift. You have permission to charge, but the PAN and/or expiration date you stored no longer matches what the issuer expects. The issuer declines for reasons like "expired card" or "do not honor" even though the customer is active and willing to pay.

Account updater is most valuable for:

  • Subscriptions and memberships (SaaS, gyms, streaming, coaching)
  • Card-on-file ecommerce (reorders, autoship)
  • Marketplaces and platforms that store cards for future payouts or charges
  • Any business that bills without the customer present (merchant-initiated transactions)

How do the big network updater programs differ (Visa vs Mastercard vs Amex vs Discover)?

All four networks aim to solve the same issue, but the details depend on your processor, your region, and issuer participation.

Here is the practical way to think about it:

  • Visa: VAU updates Visa cards.
  • Mastercard: ABU updates Mastercard cards.
  • American Express: Card Refresher updates Amex cards.
  • Discover: Discover Global Network Account Updater updates Discover cards.

You typically do not integrate directly with each network. Your processor, gateway, or vault provider offers an "account updater" feature and handles the network relationships.

What may differ by network and provider:

  • Whether updates are batch (file-based) vs near-real-time
  • Which fields get updated (expiry only, PAN + expiry, account closed indicators)
  • How quickly updates arrive
  • How fees are assessed and itemized

Does account updater update the card in real time or in batches?

It depends on the implementation. Some providers run account updater as batch files on a schedule, which means you might not receive the updated credential until after a decline has already happened.

Other providers request updates at the moment you attempt a transaction. Checkout.com describes Visa as supporting a "pull" model where updates can be returned when the provider requests them during payment processing. Source: https://www.checkout.com/blog/credit-card-account-updater

Practical takeaway:

  • If you run a pure batch updater, build a retry workflow and do not assume updates will arrive before the next renewal.
  • If your provider supports real-time or just-in-time updater checks, you can recover more revenue on the first retry.

What is the difference between account updater and network tokenization?

Account updater refreshes stored card details when the underlying credential changes.

Network tokenization replaces the stored PAN with a network token that is managed by the card network. Adyen explains that network tokenization replaces the PAN with a non-sensitive reference (a network token) for online and recurring payments, and that the token remains valid even if the issuer replaces the card. Source: https://www.adyen.com/knowledge-hub/network-tokenization

In plain terms:

  • Account updater is a credential refresh mechanism.
  • Network tokens are a different credential type that is designed to persist through reissuance.

Many merchants benefit from using both:

  • Network tokens handle many lifecycle events automatically.
  • Account updater can act as a fallback for cards that are not tokenized or not eligible.

If your processor already provisions network tokens, you may still want updater enabled for coverage gaps and edge cases.

What data should merchants expect back from an account updater response?

It depends on the network and provider, but merchants typically see one of these outcomes:

  1. Expiration date updated
  2. New PAN issued (and new expiry)
  3. Account closed or invalid (no update possible)
  4. No change found

From an operations perspective, you should treat updater as a signal, not just a background feature.

Recommended fields to store (if your PSP exposes them):

  • Old last4 and new last4 (for reconciliation)
  • Date/time the update was applied
  • Update reason code (reissued, expired, etc.) if available
  • Whether the update was applied to a token, a PAN, or a vaulted credential reference

When does account updater NOT help (common reasons declines still happen)?

Account updater is not magic. You can still see declines for reasons that have nothing to do with stale credentials.

Common scenarios where updater will not save the payment:

  • Insufficient funds
  • Suspected fraud or issuer velocity controls
  • Merchant category code mismatch or issuer policy
  • Cardholder dispute history or risk controls
  • The customer canceled the card account entirely
  • The issuer did not participate in updater for that account

Another issue: you might be sending the recurring charge incorrectly. If your acquirer flags a charge as a cardholder-initiated ecommerce purchase when it is really a merchant-initiated renewal, issuers can decline or apply stricter controls.

If you are not already passing stored-credential indicators correctly, fix that first. (Internal link: https://merchantalternatives.com/stored-credential-framework-mit-cit-subscription-billing-guide/)

How should merchants implement account updater (a practical checklist)?

Treat account updater as a system design problem, not a checkbox.

1) Confirm what your processor actually supports

Ask your provider:

  • Which networks are covered (Visa, Mastercard, Amex, Discover)?
  • Is it batch, real-time, or hybrid?
  • Is there a per-update fee?
  • Does it update the underlying credential automatically, or do you have to apply the update?
  • Are there webhooks, reports, or export files?

If your provider cannot clearly answer these questions, you do not actually know what you bought.

2) Decide when to run updater checks

Good triggers include:

  • Pre-billing: before scheduled renewals (for subscriptions)
  • After specific decline codes: expired card, invalid account number, pick up card
  • Before retry windows: right before you run a dunning retry

If you are using a batch updater, run it ahead of your billing cycle and time it so updates can be applied before renewals.

3) Build a retry and dunning strategy that uses updater results

A simple model:

  • Attempt charge on the renewal date
  • If decline appears credential-related, run updater or wait for updater results
  • Retry with updated credential
  • If updater says closed/no update, immediately ask customer to update payment method

This is where many merchants lose money: they run retries blindly and create more issuer friction.

(Internal link: https://merchantalternatives.com/chargeback-time-limits-by-network/)

4) Ensure token and credential storage is PCI-safe

If you are storing PANs yourself, account updater does not reduce PCI scope. If your provider vaults credentials and gives you tokens, the provider may update the underlying PAN behind the scenes.

Even if you never see the PAN, treat updater outputs as sensitive operational data. Limit access, log carefully, and keep audit trails.

(Internal link: https://merchantalternatives.com/pci-non-compliance-fees-merchant-guide/)

What does account updater cost (and where do fees show up)?

Costs depend on your processor, your contract, and the region.

Some networks bundle account updater fees into broader network fees. Braintree's 2026 network updates page lists Visa Account Updater (VAU) and Real Time VAU among services included in Visa's Digital Commerce Services Fee in certain countries. Source: https://developer.paypal.com/braintree/articles/risk-and-security/compliance/network-updates/2026

For merchants, the practical question is: do you pay per update, per inquiry, or as part of a network fee bundle?

A quick way to spot updater-related costs:

  • Look for line items referencing VAU, ABU, account updater, billing updater, or credential updater
  • Ask your processor for an interchange/fee pass-through detail report
  • Compare your updater volume to your saved-card portfolio

How does account updater affect chargebacks and customer disputes?

Account updater itself does not cause chargebacks, but it can change the customer experience.

Two key points:

  • If you keep billing a customer after they believe they canceled, updating the card will not save you. It may increase disputes.
  • If you do not clearly disclose billing terms, updater can make "I forgot" disputes more likely because the customer did not notice a card change.

To stay safe:

  • Make cancellation easy
  • Send renewal reminders for high-ticket renewals
  • Keep descriptors consistent

How do you measure whether account updater is actually working?

You need to measure outcomes, not enablement.

Track these KPIs:

  • First-attempt approval rate for recurring charges
  • Recovery rate on first retry (post-updater)
  • Involuntary churn (cancelations caused by failed payments)
  • Support tickets per 1,000 renewals (billing-related)

Also track a simple attribution table: which recovered transactions were recovered because of expiry update, PAN update, or customer action.

Example measurement table

Metric What it tells you Where to get it
--- --- ---
Expiry updates applied How many cards were fixed quietly PSP updater reports
PAN updates applied Reissues captured PSP updater reports
Recovery rate after updater Revenue saved Billing analytics
Declines with no update Coverage gaps PSP decline logs

FAQ

Do I need account updater if I already use network tokens?

Often yes. Network tokens can cover many lifecycle events, but not every stored credential is tokenized and not every issuer participates the same way. Having updater enabled gives you a fallback for non-tokenized cards.

Will account updater update cards for customers who never agreed to card-on-file?

No. Updater is used for stored credentials where the merchant has a card-on-file relationship and permission to store and reuse the card.

Can account updater cause me to violate PCI rules?

Updater itself does not force you to store PANs, but if your integration path exposes raw card data, you may increase PCI scope. Prefer vaulting and tokenization through a PCI Level 1 provider.

How long does it take for updates to arrive?

It depends on your provider. Some implementations are file-based and run on a schedule; others can retrieve updates during a transaction attempt.

What should I do if updater returns "account closed"?

Treat it as a hard stop. Stop retries and immediately ask the customer to update their payment method. If you keep retrying, you may increase issuer risk flags and support load.

Closing: choose a processor that supports updater and token lifecycle management

You can apply for a merchant account through Easy Pay Direct or another processor that fits your model. Other options worth a look:

  • https://merchantalternatives.com/go/easy-pay-direct/
  • https://merchantalternatives.com/go/soar-payments/
  • https://merchantalternatives.com/go/paymentcloud/
Written by 

Tyler Durbin