Card Updater Services Explained: Visa Account Updater, Mastercard ABU, and the Hidden Recovery Layer
Card updater services like Visa Account Updater and Mastercard ABU silently refresh expired card numbers behind the scenes, recovering 30-40% of card-expiry declines without any customer action. Learn what they cost, how they work, and which subscription businesses should enroll.
What Are Card Updater Services?
Card updater services are programs operated by the major card networks (Visa, Mastercard, American Express, Discover) that automatically update stored card credentials when a cardholder receives a new card. When a customer's credit or debit card is reissued — whether due to expiration, a data breach, a lost/stolen report, or a routine bank-initiated replacement — the card number and expiration date change. Without a card updater, every subscription or recurring billing arrangement linked to the old card will fail on the next charge attempt. Visa Account Updater (VAU), Mastercard Automatic Billing Updater (ABU), American Express Cardrefresher, and Discover Account Updater collectively prevent billions of dollars in payment failures each year. For subscription businesses, these services are a first line of defense against involuntary churn, quietly updating card details behind the scenes so that recurring payments continue without any customer action. According to Visa's 2025 data, VAU prevents approximately 15% to 20% of all card-update payment failures before they happen. However, card updater services are not a complete solution — they have significant limitations that make dunning management and smart retry logic essential complements.
How Visa Account Updater (VAU) and Mastercard ABU Work
The mechanics of card updater services are straightforward in concept but involve a multi-party data flow. Here is how the process works, step by step. 1. Enrollment: Your payment processor (Stripe, Braintree, Adyen, etc.) registers the card credentials you have on file with the relevant card network's updater program. This happens automatically for most modern processors — you do not need to opt in card by card. 2. Batch inquiry: On a regular schedule (typically daily or weekly, depending on the processor), your processor submits a batch of stored card tokens to the card network's updater service. The batch contains tokenized card identifiers, not raw card numbers. 3. Network lookup: The card network checks each token against its database of recently reissued cards. If a match is found — for example, if a Visa card ending in 4242 was reissued as a new card ending in 8765 with a new expiration date — the network returns the updated credentials. 4. Credential update: Your processor receives the updated card details and replaces the old token with the new one. The next recurring charge uses the updated credentials automatically. The entire process is invisible to the cardholder. They receive a new card from their bank, and their subscriptions continue uninterrupted. For Visa (VAU), updates are typically returned within 1 to 3 business days of the card reissuance. Mastercard ABU operates on a similar timeline. American Express Cardrefresher is slightly faster, often returning updates within 24 hours. The critical detail is that card updater services rely on the issuing bank participating in the program and reporting reissued cards to the network. Not all issuers participate, and not all reissuances are reported.
What Card Updaters Can and Cannot Do
Card updater services are powerful but have important limitations. Understanding these boundaries is essential for building a robust payment recovery strategy. What card updaters handle well: Routine card reissuance due to expiration is the primary use case and works reliably when the issuer participates in the updater program. Bank-initiated replacements due to data breaches are also well-covered because banks batch-report these reissuances to the card networks. Card number changes from account upgrades (e.g., a customer's Visa Signature card is upgraded to Visa Infinite) are usually covered. What card updaters do NOT handle: Account closures are not covered. If a customer closes their bank account entirely, the card updater will report the card as closed but cannot provide a replacement. You need the customer to supply a completely new payment method. Debit card replacements are less reliably covered than credit cards because some issuing banks do not enroll debit cards in updater programs. Internationally issued cards have lower update rates. VAU and ABU participation is highest among US, Canadian, UK, and EU issuers but drops significantly for cards issued in Asia, Latin America, and Africa. Prepaid and virtual cards are generally not covered by card updater services. Gift cards, prepaid Visa/Mastercard cards, and single-use virtual card numbers cannot be updated. Coverage gaps in practice: Even for covered scenarios, card updater success rates vary from 50% to 80% depending on the processor and issuing bank mix. Stripe reports that their built-in card updater prevents about 60% of card-expiry failures. That still leaves 40% of expiry-related declines that reach your customers as failed payments.
Why Card Updaters Alone Are Not Enough
Given the coverage gaps above, relying solely on card updater services creates a false sense of security. Here are the scenarios where card updaters will not save you and why dunning is still essential. The 20-40% coverage gap: Even in the best case, card updaters miss 20% to 40% of card-update failures. For a SaaS company with $1M MRR and 2% of payments failing due to card updates ($20K monthly), that gap represents $4,000 to $8,000 per month in unrecovered revenue that requires active customer outreach. Timing delays: Card updater batches run on a schedule (daily or weekly), but your billing cycle does not wait. If a card is reissued on the same day as a billing charge, the updater may not have the new credentials yet. The payment fails, and the updater catches up a day or two later. Your retry logic needs to account for this delay window. Non-card payment failures: Card updaters only cover card-on-file payments. They do nothing for PayPal billing agreement failures, ACH/SEPA direct debit failures, or bank transfer failures. If you accept multiple payment methods, you need a recovery strategy for each. Soft declines: Card updaters address card-update declines only. They have zero impact on the largest category of payment failures: insufficient funds. Soft declines account for 40% of all payment failures and require smart retry timing, not card updates. Customer-initiated changes: When a customer gets a new card and destroys the old one before the updater has processed the change, there is a gap where the old card is invalid and the new card is not yet linked. This is especially common with physical debit cards. The bottom line: card updaters are a valuable passive defense layer, but they solve only one slice of the payment failure problem. A comprehensive recovery strategy layers card updaters with smart retries, dunning emails, and proactive expiry alerts.
How to Check If Your Processor Supports Card Updaters
Most major payment processors include card updater services, but the details vary. Stripe: Card updater is enabled by default on all accounts. Stripe participates in VAU, ABU, and Amex Cardrefresher. Updates happen automatically and are reflected in the stored PaymentMethod object. Stripe reports approximately 60% effectiveness in preventing card-expiry failures. Braintree (PayPal): Automatic Card Updater is included and enabled by default. Covers Visa, Mastercard, and Discover. Amex support requires a separate enrollment. Updates are applied to the stored payment method nonce. Adyen: Account Updater is available on request and requires configuration in the Adyen Customer Area. Supports Visa and Mastercard. Adyen processes updates in real time during authorization (Real-Time Account Updater) in addition to batch updates. Recurly: Built-in Account Updater covers Visa, Mastercard, Amex, and Discover. Recurly reports their updater resolves approximately 65% of card-expiry declines. Chargebee: Card updater support depends on the underlying gateway (Stripe, Braintree, Adyen). Chargebee itself does not run a separate updater service. Square: Automatic card updates are included for recurring billing on Square. Coverage is limited to Visa and Mastercard. If your processor does not support card updaters or has limited coverage, proactive card expiry alerts become even more critical. Sending customers a reminder at 14, 7, and 3 days before their card expires reduces expiry-related failures by 45% — comparable to what card updaters achieve passively.
Proactive Card Expiry Alerts: Your Second Line of Defense
Card expiry dates are the one payment failure you can predict with 100% certainty. Every stored card has a printed expiration month and year. Yet most subscription businesses do nothing with this information until the payment actually fails. Proactive card expiry alerts are automated messages sent before the card expires, asking the customer to update their payment method. This approach is complementary to card updaters: the updater handles cases where the bank has already issued a replacement card, and your alerts handle the cases the updater misses. Recommended alert schedule: Send the first alert 14 days before expiration. This gives the customer ample time and catches the segment that prefers to handle administrative tasks early. Send a second alert at 7 days. This reaches customers who ignored or missed the first message. Send a final alert at 3 days. This creates genuine urgency for procrastinators. Alert effectiveness by timing: 14-day alerts have the highest absolute conversion rate (12% to 15% of recipients update their card). 7-day alerts convert at 10% to 12%. 3-day alerts convert at 8% to 10% but catch the largest remaining segment. Combined, a three-alert sequence prevents 40% to 50% of card-expiry failures, comparable to card updater effectiveness. When layered with card updaters, the combined prevention rate reaches 75% to 85%. Implementation tips: Make the update flow one click — pre-authenticated, no login required. Show the current card details (last 4 digits, expiry date) so the customer knows exactly what needs updating. If you offer multiple payment methods, suggest adding a backup method. LostChurn's card expiry alerts automate this entire workflow, sending personalized alerts at the optimal times and tracking which cards have been updated to avoid unnecessary follow-ups.
Building a Complete Card Failure Prevention Stack
The most effective approach to preventing card-related payment failures combines three layers, each covering gaps the others miss. Layer 1: Card updater services (passive, automatic). These run silently in the background, updating credentials for 50% to 65% of card reissuances. No customer action required. Ensure your processor has card updaters enabled and verify coverage for all card brands you accept (Visa, Mastercard, Amex, Discover). Layer 2: Proactive card expiry alerts (active, pre-failure). Send automated reminders at 14, 7, and 3 days before expiration. These catch the 35% to 50% of cases that card updaters miss and convert 40% to 50% of at-risk customers before a failure ever occurs. Layer 3: Post-failure dunning and smart retries (reactive, post-failure). For the 15% to 25% of card-update failures that slip through layers 1 and 2, immediately trigger a dunning email with a one-click card update link. Pair this with one retry 24 hours later (the card updater may catch up by then) and a second retry at 72 hours. This layer recovers 55% to 65% of remaining card-update failures. Combined effectiveness: When all three layers work together, the overall recovery rate for card-related failures reaches 85% to 92%. For a company with $1M MRR and 2% card-update failure rate, this means losing $1,600 to $3,000 per month instead of $20,000 per month. The ROI on building this stack is typically 20x to 50x. Do not forget non-card failures. This stack addresses card-related failures only. Insufficient funds, PayPal billing agreement issues, and ACH failures each require their own recovery workflows. For a comprehensive approach across all payment methods and failure types, explore the full LostChurn platform and connect your processor through our integrations page.
Related Resources
- Card Expiry Alerts — Proactive reminders that prevent card-expiry failures before they happen
- Glossary: Card Updater — Visa Account Updater, Mastercard ABU, and how they work
- Glossary: Involuntary Churn — How card failures drive preventable customer loss
- Blog: Reduce Failed Payments — Comprehensive guide to preventing payment failures
- Stripe Integration — Stripe card updater support and recovery automation
- Browse Decline Codes — Reference for card-update decline codes across processors
Start recovering revenue today
Join thousands of subscription businesses using LostChurn to automatically recover failed payments and reduce churn.
Start free trial