The short answer
Account Updater is a card-network service that keeps merchants' stored card credentials current when cardholder cards are reissued. Visa's version is VAU (Visa Account Updater). Mastercard's is ABU (Automatic Billing Updater). American Express has Cardrefresher. Discover has similar. Merchants enroll their card vault into the service; on a defined cadence (daily to monthly) the merchant submits stored card records to the network, which returns updates for any card that has been reissued since last sync — new PAN, new expiration date, new CVV position, or flagged as closed/fraud-blocked.
What operators need to know
- Prevents involuntary churn on subscriptions. For a subscription business with 12-month average customer tenure, cards are reissued (expired, lost, fraud-replaced) for roughly 20–30% of customers over that span. Without account updater, each reissue causes a failed charge, a failed dunning email, and ultimately an involuntary churn event. Account updater catches 70–85% of these automatically.
- Not a complete solution. Account updater doesn't work on every card. Issuer banks that haven't enrolled in VAU/ABU (smaller regionals, credit unions, some international) don't submit their updates to the network. Typical coverage: 80–85% of US cards, 60–70% outside US. Customers with non-participating issuers still need to re-enter card data on reissue.
- Processor integration matters. Stripe runs account updater automatically on saved cards; no configuration needed. Braintree runs it with a flag. Authorize.net charges per-update. NMI runs it on their premium tier. Ask your processor how frequently they run the sync — daily is better than monthly.
- Network tokens bypass account updater entirely. If the card is stored as a network token (via Visa VTS or Mastercard MDES), the token automatically updates at issuance time — no sync job required. Network tokenization is strictly better than account updater for cards that qualify.
- Cost. Most processors include account updater in a bundled "card-on-file" fee or charge $0.10–$0.25 per successful update. At volume, this is a rounding error vs. the revenue saved from prevented involuntary churn.
- Compliance: must have customer consent. Storing cards for future use requires customer consent (checkbox at checkout plus stored-credential disclosure). Account updater doesn't change the consent requirement — it just keeps the stored credential current.
Account updater limitations
- Issuer participation isn't universal. Approximately 15–20% of US cards are on non-participating issuers. On international, coverage varies by market.
- Debit cards are inconsistently covered. Visa debit and Mastercard debit are covered but some regional debit networks (Interlink, Maestro) have lower participation rates.
- Virtual/one-time cards can't be updated. Privacy.com, Revolut virtual cards, and similar one-time-use cards are flagged as non-updateable.
- American Express is inconsistent. Amex's Cardrefresher has lower issuer participation than Visa VAU / Mastercard ABU.
Retry strategy on failed updates
When account updater returns "card closed — no replacement," you have a hard loss. Email the customer to update their payment method, and include context on which subscription is affected. Gentle dunning (3 retries over 7 days with updated copy each time) recovers 25–40% of these cases. See retrieval requests and dunning strategy for operator-side process.
How multiflow handles account updater
All parent merchant accounts we place run both VAU and ABU daily. Network-tokenized cards are updated via the card network directly (see network tokenization). Subscription operators on multiflow typically see 2–4 percentage points of involuntary-churn reduction vs. processors running account updater monthly or not at all.