VAU – Visa Account Updater
What Is Visa Account Updater?
Visa Account Updater (VAU) is a service operated by Visa that automatically refreshes stored card credentials—PAN, expiry date, and account status—when an issuing bank issues a replacement card to a cardholder. For subscription businesses, SaaS platforms, and any merchant storing card-on-file for recurring charges, VAU eliminates the most common and most preventable cause of involuntary churn: the expired or replaced card that triggers a failed renewal.
When a cardholder receives a new card—due to loss, theft, routine expiry, or bank-initiated replacement—the issuing bank transmits updated credential data to Visa's account updater network. Merchants enrolled in VAU can query this service before the next billing cycle, silently updating their stored records and preventing the failed charge and the customer friction that follows.
How VAU Works
Batch Query and Four-Way Response
Merchants submit a batch of stored PANs to VAU, typically three to five business days before the next scheduled charge run. VAU returns one of four standardised responses per record: Updated (new PAN or expiry provided), Closed (account closed—do not retry), Contact Cardholder (no automated update available), or No Change. This structured response matrix enables targeted action per account rather than blanket retry logic that wastes authorisation attempts.
Network Tokens: The Real-Time Extension of VAU
Network tokenisation extends VAU's credential refresh logic to real time. Instead of storing the raw PAN and querying VAU periodically, a merchant stores a Visa network token issued by the Visa Token Service. When the underlying card is replaced, Visa automatically updates the token's Linked credentials without any merchant-initiated query. Network tokens are also domain-restricted, adding a fraud prevention layer on top of the lifecycle management capability.
Business Case: The Cost of Not Using VAU
Industry benchmarks indicate that involuntary churn from card expiry and replacement accounts for 20–40% of total subscription cancellations in card-on-file businesses. Each failed renewal triggers a cascade: decline handling fees, dunning campaigns, and customer service contacts. For a business with 100,000 active subscribers and a 10% annual card turnover, VAU or network tokenisation typically recovers tens of thousands of euros in annual revenue at minimal incremental cost.
How Hellgate Guardian Handles VAU
Guardian, Hellgate's PCI-compliant token vault, integrates with the Visa Token Management Service (TMS) to support both traditional VAU batch queries and real-time network token lifecycle management. When a cardholder's credentials change, Guardian is automatically notified and updates its internal mapping—ensuring the next charge attempt uses valid, issuer-current credentials without any merchant engineering involvement.
For merchants routing through multiple acquirers via Hub, Guardian's single vault ensures the updated credential is immediately available across all routing paths, eliminating the scenario where one acquirer has a refreshed token while another attempts a stale PAN. Pulse tracks authorisation rate trends per token cohort, surfacing the measurable uplift that VAU and network tokenisation deliver.