Things You Need To Know About Card Authorization
Have you ever wondered what happens “behind the scenes” when you hit the ‘Pay’ button on a website? When you make a purchase with a credit or debit card, a card authorization request is sent to the issuer to verify that the card is valid. Here’s how.
Credit card authorization is an approval that the customer has sufficient funds on their card to pay for the transaction. This is the approval from an issuer, usually through a credit card processor. If the customer details are correct and there are enough funds in their account, the specified amount is held and then deducted from customer’s credit limit.
Let’s dive deeper into the process.
Whenever a transaction is made with a credit or debit card, the merchant sends a request to the acquirer, usually through a credit card processor, such as SecurionPay. Then, the acquirer submits a request to the issuer (What is an issuing bank?) to review the customer’s account, check if the customer’s card is valid and whether they have the required funds to complete the transaction.
If there are enough funds to cover the cost of the sale, the authorization hold is placed on the customer’s account, so the credit line is reduced by the amount of the sale. This means that, in return, the acquirer gets a code of approval or error code. As you might guess, if an error code is issued, the transaction was not completed.
By placing an authorization hold for credit or debit card transaction, merchants can protect their business from fraud or chargebacks. They can block funds temporarily for a transaction to verify it and make sure they will get paid.
What happens with the ‘authorization hold’? In short, it is removed when a merchant captures the charge or when the authorization expires (after 5 days). Blocking funds on the customer’s card gives some time to verify and then capture the funds to complete a transaction.
Here’s how the process looks when the authorization fails.
Most payment processors notify online customers about failures automatically by displaying a certain notification of why their transaction was not completed. On the other hand, a merchant can see the cause of the failure, identified by its error code. The error codes can differ based on the acquirer. These could be some technical issues or problems with the information sent to the processor, such as a wrong configuration, missing value in the online form, etc. In many cases, error codes are usually related to a customer’s account.
Latest posts by Sandra Wróbel-Konior (see all)
- 3D Secure 2.0 specification in a nutshell - November 27, 2017
- Things you wanted to know about PSD2 - November 9, 2017
- PCI SSC Europe Community Meeting 2017 Afterthoughts - November 3, 2017