Transaction Authorization Process
Authorization is the process of obtaining permission from the card issuing bank to accept the card for payment. Authorization involves assessing the card’s transaction risk and, if approved, reserving the specified amount of credit on the cardholder’s account. If a merchant does not comply with Visa or MasterCard rules regarding authorizations, payment to the merchant may be withheld or the transaction may be charged back at a later time. The authorization takes place in real time, as the transaction occurs. The exact processing activities during authorization may be different from one processor to another and vary among merchant types but the process goes through the following stages:
- Cardholder places an order with a merchant. The authorization, and transaction, process begins when the cardholder places an order at a physical store, on an e-commerce website, or in another environment, and provides his or her card account details: name, address, card account number, card’s expiration date, card verification code (the 3- or 4-digit number on the back or front of credit and debit cards), payment amount (if not estimated by the merchant and automatically provided).
- Payment data transmission to the acquiring bank. The payment information provided by the cardholder is transmitted to the acquiring bank (also known as acquirer, merchant bank or processing bank).
- The acquiring bank sends the authorization request to Visa or MasterCard. The processing bank sends the received payment information on to the respective Credit Card Association, requesting transaction authorization.
- The Credit Card Association sends the authorization request to the card issuer.
- The card issuer approves or declines the transaction. Once the card issuer makes its authorization decision the response is sent back to the merchant through the same channels. The possible responses in card-present transactions are listed in the table below:
Response Explanation
Approved Issuer approves the transaction. This is the most common response-about 95% of all card-present authorization requests are approved. Declined or Card Not Accepted Issuer does not approve the transaction. The transaction should not be completed. Return the card and instruct the cardholder to call the issuer for more information on the status of the account. Call, Call Center, or Referrals Issuer needs more information before approving the sale. Most of these transactions are approved, but you should call your authorization center and follow whatever instructions you are given. In most cases, an authorization agent will ask to speak directly with the cardholder or will instruct you to check the cardholder’s identification. Pick Up Issuer wants to recover the card. Do not complete the transaction. Inform the customer that you have been instructed to keep the card, and ask for an alternative form of payment. If you feel uncomfortable, simply return the card to the cardholder. No Match The embossed account number on the front of the card does not match the account number encoded on the magnetic stripe. Swipe the card again and re-key the last four digits at the prompt. If a “No Match” response appears again, it means the card is counterfeit. If it can be done safely, keep the card in your possession, and make a Code 10 call.
A positive authorization response indicates that there are funds available in the account and the card has not been reported as lost or stolen. It is not, however, a proof that the card is not fraudulently used.
Real time vs. batch authorization processing. In a card-not-present environment, merchants who do not process card transactions in real time typically download their transactions from their server within 24 hours of the order request. They then group all orders together (forming a batch) and submit them for authorization. If an order is declined, the cardholder must be notified by phone or email.
Learn how to lower your card acceptance cost
Learn how to accept credit and debit cards at the lowest processing costs. The Payment Card Acceptance kit contains a video and an e-book:
- Video – Card Acceptance Best Practices for Lowest Processing Costs (18 min).
- E-Book – Payment Card Acceptance Guide (19 pages).
Says:
May 22nd, 2010 at 5:52 pm
[...] approval for the additional transaction amount that the extension will generate. Standard authorization procedures should be followed for the extension period. If authorization is declined, you should contact the [...]
Says:
May 24th, 2010 at 10:18 am
[...] the hotel is located within the United States, the merchant is required to follow the standard authorization procedures to obtain approval for the transaction. If authorization is not obtained, the merchant in effect [...]
Says:
May 24th, 2010 at 6:56 pm
[...] e-commerce transaction authorization process has a significant impact on risk, customer service and operational expenses. Implementing the [...]
Says:
May 30th, 2010 at 12:32 pm
[...] to leave a tip, in addition to paying the amount of the bill, need to understand and implement authorization practices that are slightly different from these for transactions where tip is not generally [...]
Says:
May 30th, 2010 at 4:42 pm
[...] the CVC 2 is included in the authorization [...]
Says:
May 31st, 2010 at 3:39 pm
[...] floor limit for all transactions at self-service terminals is zero, which means that all transactions must be authorized, regardless of the transaction [...]
Says:
May 31st, 2010 at 3:53 pm
[...] of the authorization request. Either way, you will receive an AVS response code, separate from the authorization response code, which will tell you whether or not the address provided by your customer matches the [...]
Says:
May 31st, 2010 at 4:05 pm
[...] gateway gathers the transaction information, encrypts it again and sends it to the card issuer for authorization. The authorization response (approval or decline) is routed back to the merchant through the [...]
Says:
May 31st, 2010 at 4:49 pm
[...] must identify the transaction with the most appropriate transaction category code (TCC) in the authorization request message, as shown in the table [...]
Says:
May 31st, 2010 at 5:15 pm
[...] submitted a card security code verification request during the authorization process and received a “U” response from a U.S. card issuer. This response means the issuer [...]
Says:
May 31st, 2010 at 5:28 pm
[...] Payment Indicator. Recurring Payment Indicator is used to identify recurring transactions within authorization and settlement messages in card-not-present environment. The Recurring Payment Indicator is [...]
Says:
June 1st, 2010 at 10:57 am
[...] Provide service or ship product within seven days of the authorization. [...]
Says:
June 1st, 2010 at 6:50 pm
[...] terminals, ATM requirements specify the maximum dollar amount of transactions allowed, as well as authorization, clearing, chargeback, and transaction liability. The following specific requirements [...]
Says:
June 1st, 2010 at 7:11 pm
[...] authorization approval code (except on credit [...]
Says:
June 1st, 2010 at 7:30 pm
[...] Use the Mod 10 algorithm to check all e-commerce transactions before submitting them for authorization. [...]
Says:
June 2nd, 2010 at 9:53 am
[...] stripe-reading (MSR) terminal or hybrid terminal printer certification, merchant rebuttal, or the authorization [...]
Says:
June 3rd, 2010 at 10:00 am
[...] recovering a card, the merchant must notify its processor’s authorization center and receive instructions for returning the card. If mailing the card, the merchant should [...]
Says:
June 4th, 2010 at 9:33 am
[...] exceeds the originally authorized amount by 15 percent or more, you must request an incremental authorization approval for the additional amount, before submitting the transaction for settlement. On the other [...]
Says:
June 4th, 2010 at 6:08 pm
[...] use two or more sales receipts for a single transaction, also known as a split ticket, to avoid an authorization [...]
Says:
June 4th, 2010 at 6:46 pm
[...] and cardholders prevent their fraudulent use. Some of these features form the basis on which the transaction authorization process is [...]
Says:
June 4th, 2010 at 7:14 pm
[...] Transaction authorization requirements. [...]
Says:
June 4th, 2010 at 7:31 pm
[...] the card expiration date. Include the expiration date in your authorization request. An invalid or missing expiration date can be an indicator that the person does not have [...]
Says:
June 4th, 2010 at 7:54 pm
[...] Authorization number (except on credit slips). [...]
Says:
June 6th, 2010 at 12:48 pm
[...] card transaction, you will be charged an additional fixed fee, which is totally separate from the authorization fee. In her report Lagorio cites several examples, ranging from $0.21 – $0.25. It is [...]
Says:
June 7th, 2010 at 9:55 am
[...] fee – another per-transaction fee. Authorization is the process by which a card issuer approves or declines a payment card transaction. You should not pay more [...]
Says:
June 7th, 2010 at 5:30 pm
[...] Transaction authorization. All card-not-present transactions have a floor limit of zero, which means that they all require authorization. Always obtain authorization before completing a transaction and take into account the authorization result code. [...]
Says:
June 9th, 2010 at 5:48 pm
[...] requirements specify the maximum dollar amount of transactions permitted as well as authorization, clearing and chargeback requirements and related transaction liability for each CAT [...]
Says:
June 10th, 2010 at 7:40 am
[...] point-of-sale (POS) terminal is down or cannot read the card’s magnetic stripe or perform an authorization. There can be several reasons why the card’s stripe cannot be read, but it is usually because [...]
Says:
June 10th, 2010 at 9:11 am
[...] features and require that merchants follow specific procedures, especially in regards to payment authorization requests. It should be emphasized that all merchants processing payments for cruise line-related [...]
Says:
June 10th, 2010 at 6:03 pm
[...] card, the processing bank serves as an acquiring bank and makes a decision on whether or not to authorize the transaction; then forwards the response to the [...]
Says:
June 11th, 2010 at 6:17 pm
[...] needed in regular transactions. All unique transactions must be properly identified as such in all authorization and clearing [...]
Says:
June 11th, 2010 at 7:03 pm
[...] can be held responsible for a charge the cardholder claims he or she did not make, even if an authorization from the card issuer was [...]
Says:
June 16th, 2010 at 6:48 pm
[...] earlier transaction authorization request has received an approval but an AVS request has received a “Try again later” [...]
Says:
June 17th, 2010 at 8:23 pm
[...] the card. While waiting for the authorization result, check the card’s security features to make sure it is authentic. Make sure that the [...]
Says:
June 20th, 2010 at 10:42 am
[...] Notices. If the account number is listed, do not complete the transaction without obtaining an authorization from the [...]
Says:
June 20th, 2010 at 11:38 am
[...] a “Code 10″ transaction authorization is fairly straightforward. It is important that you remain calm when calling your processor’s [...]
Says:
June 22nd, 2010 at 10:37 am
[...] the check-out process, while waiting for authorization and for the customer to sign the sales receipt, you should keep the card in your possession and [...]
Says:
June 30th, 2010 at 9:13 am
[...] point-of-sale (POS) terminal cannot read the customer’s card stripe or they cannot obtain an authorization for the transaction. The merchant needs to develop a process for handling such incidents and train the staff [...]
Says:
July 1st, 2010 at 10:04 am
[...] Visa and MasterCard use special codes to designate chargebacks that result from declined authorization requests. Visa uses Reason Code 71 and its MasterCard equivalent is Reason Code 4808. Merchants [...]
Says:
July 2nd, 2010 at 9:41 am
[...] Authorization is the process through which a card issuer approves or declines a credit card transaction (see diagram above). In a card-present environment, the authorization occurs automatically when a card’s magnetic stripe is swiped through a card reader at the point of sale. The card information is then routed to the card issuer through the respective Credit Card Association’s payment network and then the card issuer’s response is routed back through the same channel. [...]
Says:
July 14th, 2010 at 9:35 am
[...] stripe was obtained, a possible remedy is to request that your processor sends a copy of the authorization record to the card issuer as proof that the card’s magnetic stripe was read. You should also [...]
Says:
July 15th, 2010 at 10:11 am
[...] are designed to help merchants and cardholders prevent fraud. These features are used during the transaction authorization process as well and some of them can also be used to detect errors and alert cardholders when wrong [...]
Says:
July 18th, 2010 at 1:36 pm
[...] Authorization is the process by which the card issuer approves or declines a card [...]
Says:
August 1st, 2010 at 12:39 pm
[...] messages in card-not-present environment. The Recurring Payment Indicator is required in all authorization and clearing records. Recurring transactions are typically lower risk than single transactions and [...]
Says:
August 10th, 2010 at 9:35 am
[...] its amount changes, you have to call Discover and request a cancellation of the authorization. An authorization can be canceled within 8 days of receiving it. You will have to provide the following information [...]
Says:
August 11th, 2010 at 9:41 am
[...] electronic authorization system, you should call Discover’s authorization center for a voice authorization. Be advised that the floor limit for all Discover transactions is zero, which means that they all [...]