The threshold for enumerated transactions under Visa’s Acquirer Monitoring Program (VAMP) is 300,000 Visa-identified enumerated attacks that are more than or equal to 20% of your transaction volume. If you breach this threshold, you fall under Visa’s excessive enumeration program.
Note: Visa made a significant update to how they calculate the program ratios, with corresponding increases to the thresholds at which these ratios result in scheme fees.
For more information, see Update to the Visa Acquirer Monitoring Program (VAMP).