Merchants today are not only grappling with interchange and processing fees but also with a growing number of penalty fees. These charges often fly under the radar until they spike, leading to surprise costs that can significantly impact margins. While some of these penalties have existed for years, recent updates from Visa and Mastercard have introduced new programs and fee structures, increasing both complexity and financial risk for merchants.
We have analyzed our data and compiled a list of the most common non-transactional fees that result from scheme penalties, which currently affect merchants or present challenges:
Mastercard Credential Continuity Fee
Description
The Credential Continuity Program (CCP) was designed to reduce failed transactions by ensuring that merchants keep stored payment credentials up to date. When cardholders receive new or updated cards, outdated details can trigger declines, and if merchants don't adopt the systems required to keep credentials synchronized, they may face extra costs.
How It Works
Merchants must adopt systems to keep stored payment credentials synchronized by using tools such as Account Billing Updater.
Failure to update outdated credentials leads to penalty fees for declined transactions.
This fee underscores Mastercard's push for merchants to improve authorization approval rates and reduce unnecessary retries.
Starting April 1, 2025, Mastercard's Credential Continuity Program imposes a $0.09 fee per transaction for recurring payments processed using outdated credentials.
Mastercard Incompliant Final Authorization Fee
Description
This fee has been added in July 2025 and might impact several merchants that separate authorizations and capture events. Final authorization is used to verify that a card has enough funds to complete a transaction, where the amount to be captured is known at the time of the initial authorization.
The transaction is ready to be completed, and the final amount is known
Capturing of funds within 7 days is required (some MCC exclusions apply)
How It Works
If the transaction needs to be captured for a lower amount than authorized, a fee of 25 bps ($.04 USD minimum) will apply.
If the transaction needs to be captured for a higher amount, a new authorization will be needed to capture those additional funds.
Mastercard Merchant Advice Code (MAC) Fee
Description
The Merchant Advice Code (MAC) Transaction Processing Excellence Program, established years ago, continues to impose significant penalties on merchants who fail to adapt their systems. Despite its longevity, many merchants still struggle to comply, resulting in costly fees.
How It Works
For Card-Not-Present (CNP) transactions declined with MAC values 03 (Do Not Try Again) or 21 (Payment Cancelled), merchants are expected to refrain from retrying the transaction.
If a merchant retries the same card for the same amount within 30 days, Mastercard imposes a penalty fee.
Merchants often fail to receive advisory codes correctly or neglect to act on them, leading to substantial financial consequences over time.
The fee costs as much as 0,50 EUR, but may vary according to factors such as regionality.
Mastercard Authorization Optimizer for CNP Transactions
Description
Mastercard has recently introduced the Authorization Optimizer Program to address recurring card-not-present (CNP) transactions declined due to insufficient funds (decline code 51).
How It Works
Mastercard issues a Merchant Advice Code (MAC 24-30) that specifies the optimal retry interval.
A fee applies for each such transaction, whether or not merchants act on the advice.
This program reflects Mastercard's growing emphasis on authorization optimization, but it also creates new cost considerations for merchants.
Mastercard Not Tokenized Credential-on-File (COF) Fee
Description
The Mastercard Not Tokenized Credential-on-File (COF) Fee is a penalty charged to merchants for processing transactions that use stored card details (COF) but lack a Mastercard network token.
The fee is charged on not tokenized COF Authorization transactions. A non tokenized credential is when the shopper has to insert the payment details upon checkout. If the card is stored and the shopper just selects it (based on the 4 last digits), this is considered as a form of card on file and mastercard expects to see a network tokenization request.
How It Works
The fee is 0.07% of the transaction amount for non-tokenized COF authorizations.
Tokenization protects sensitive card data by replacing it with a secure token.
Exceptions apply if tokenization was attempted but declined within the same month, though fees often don't appear until two months later due to Mastercard's reporting schedule.
Visa Issuer "Never Approve" Fee
Description
Visa introduced the Issuer Never Approve Fee to discourage merchants from retrying transactions that have zero chance of approval, such as those blocked by the issuer or unsupported transaction types.
How It Works
Each retry incurs a fee: $0.10 for domestic reattempts and $0.15 for international reattempts.
Merchants need stronger systems to recognize and stop these transactions at the source to avoid charges and react based on decline reason codes.
Visa Stop Payment Service Fee
Description
The Visa Stop Payment Service Fee targets merchants who continue to retry charges after a cardholder has explicitly withdrawn authorization. This is related to the Visa Stop Payment Service (VSPS) that enables Visa card issuers to stop card-on-file payments (including recurring and installment payments) from being authorized, cleared, and settled through VisaNet. The service can help to provide Visa issuers with a method for handling cardholder stop payment requests and reduce unnecessary disputes and chargebacks.
How It Works
Fees of EUR1 per instance apply after the fourth retry on transactions with decline codes such as R0 (Stop Payment Order), R1 (Revocation of Authorization), or R3 (Revocation of All Authorizations).
Repeated retries are costly both financially and reputationally.
Key Takeaways for Merchants
The growing landscape of penalty fees highlights a clear trend: card networks want merchants to optimize transaction processing, minimize unnecessary retries, and adopt secure, modern practices such as tokenization. To reduce exposure, merchants should:
Implement robust decline management systems that can interpret MAC values and automate retry strategies accordingly.
Adopt network tokenization for stored payment credentials to avoid non-tokenized COF fees.
Monitor decline codes closely to prevent retries on transactions that will never be approved.
Educate billing and payments teams on new scheme rules, ensuring compliance across regions.
How IXOPAY Can Help
Staying on top of every new fee, decline code, and retry rule is challenging - but it doesn't have to be. IXOPAY's AI payments intelligence software gives you precise visibility into your transaction performance, helping you:
Detect costly decline patterns early.
Optimize retry strategies with data-driven insights.
Ensure compliance with Visa and Mastercard rules.
Reduce unnecessary penalty fees that cut into your margins.
Discover how IXOPAY can help you reduce penalty fees and maximize processing efficiency.
