I reported this issue to Authorize.net and they've said tough luck, they are not doing anything about it.
If you are using card updater, one of the things it does is mark CIM payment profiles as ACL (account closed) when card updater runs. However there is an issue where VALID and WORKING credit cards are being reported as ACLed. These cards have been working for many months, suddenly become ACL, but can be charged just fine manually. However since the payment profile is wiped of Authorize, you need the card number again from the customer to charge.
To make matters worse, everytime the customer adds the card to the CIM profile, it gets wiped out every month.
I reported MANY accounts to Authorize to show that the payment profiles were removed because of ACL but the card continues to be just fine.
I asked Authorize to provide an option where we can turn off only the ACL portion of the run so we can manage ACL on our end and not lose the token.
They said no.
At this time, this serious flaw is voiding TOKENs that are valid making card updater pretty useless.