Authorizations are requests from a merchant to the consumer's issuing bank to ensure the cardholder has sufficient money or available credit to cover payment while reserving the funds for the purchase if available.
There are two methods merchants use to do authorizations: online (which is real time) or batch. If a merchant cannot successfully authorize a purchase on a credit card they will not be able to convert it. Doing real-time authorizations allows a merchant to quickly weed out consumers that don’t have the money to make a purchase. It also gives a merchant the means to let the consumer know, while the consumer is still on the merchant’s site, that they don’t have funds so they can try another card.
Things to know about authorizations include:
Authorizations do expire so a merchant needs to make sure they are still good when they want to settle their transaction.
A real-time authorization check allows a merchant to find out if funds are available. As a positive indicator the fact a consumer has funds available is a positive point in converting a sale, but this is not a good indicator for fraudulent behavior.
With debit cards, when you process an authorization the money is immediately pulled from the consumer's account, if you process multiple authorizations on a consumer you could create an overdraft for the consumer. With credit cards the authorizations only affect the consumer's credit limit, but with debit and prepaid cards the amount of funds authorized will actually be pulled from the account immediately to be held until either the transaction is completed or the until the Authorization is either cancelled or expired.
THE FRAUD PRACTICE
KEY NOTES
Alternative Solutions - Aggregators, businesses that service multiple merchants and are also called multi-merchants, can provide payment solutions at lower costs for smaller merchants by pooling a bunch of merchants together to keep costs down.
Building this In-House - All banks and processors publish specifications that allow merchants to build their own solutions to communicate payment processing. A merchant will have to get their solution certified with the banking institution. With the number of payment solutions on the marketplace, and the reduction in prices to purchase these solutions over the last couple of years, I would recommend that a merchant not build in-house, it is cheaper to purchase the solutions on the open market than to build them.
Estimated Cost - Costs associated with getting an authorization vary widely. There are service bureaus that offer a transactional fee for each call. This is usually very inexpensive — a couple of pennies to less than fifteen cents per transaction. The more volume a merchant does, typically the smaller their transactional fees.
Sample Venders - N/A
REAL TIME OPERATIONS TECHNIQUE OVERVIEW
Authorization is a request from the merchant to the consumer’s issuing bank to determine if sufficient money is available on the credit card for payment, and to hold those funds for this purchase. Key considerations when implementing or buying this functionality include:
Exceeding a consumer’s card limits: In some cases merchants can exceed a consumer’s credit card limit by mistake because they are running an authorization, and the consumer may fail one of the other checks the merchant requires for processing, and instead of using the original authorization they run another authorization. This can deplete the consumer’s credit line even though the other orders are not going to be processed.
Some merchants try to cancel an authorization, but this is not really supported by all issuing banks, and usually requires a phone call to the bank. Even with that there is no guarantee that the bank will reverse the authorization.
What types of reports do they offer to reconcile transactions on a daily, monthly and annual basis?
Do they charge separately for authorizations and settlements?
Can settlements be done in real time or batch?
Do they support AVS, card security schemes and e-commerce indicator fields?
Can they process all of the major card types, or do they have to have a separate feed for American Express or Discover? Or if they want separate feeds to keep the costs down, can the application or service support that?
HOW DOES IT WORK?
The issuing bank only checks the consumer’s credit card number for authorization. They confirm if it is an active account, if sufficient funds are available, and check AVS (Address Verification System).
There are generally two types of declines a merchant can receive with an authorization: soft or hard declines. Soft declines are those declines in which the bank requires further verification. The bank has not given authorization at this time.
The reasons the bank may want to be contacted are:
Additional security is in place with banks regarding Internet companies.
A bank wants to talk with the Credit Department and then contact the customer to verify the purchase is valid.
Some banks may have a list of Internet companies they will allow authorizations to go through.
A customer may have a limit for authorization on their card and the bank needs to contact them to verify the purchase before authorization can be given to avoid possible fraud.
Soft declines have a high percentage rate of converting.
A hard decline from the bank is when the return from the authorization is:
Insufficient available credit
Possible fraud — lost or stolen card
Invalid credit card — number does not exist
System error — these orders should be actively worked on to try and convert them
Timed out
HOW DO YOU USE THE RESULTS?
Real-time versus batch processing — in general it is our recommendation that a merchant implement and use a real-time authorization service. Doing real-time authorizations will help a merchant cut their overall costs by cutting out those transactions that they would not be able to be convert regardless of fraud because the consumer doesn’t have any money. If a merchant is doing batch authorizations, they now have to store the transaction, run it against the system if it fails, and contact the consumer for another credit card. Had the merchant been doing real-time authorizations the consumer could have provided another credit card when they were at the site or when they were on the phone. A merchant will also have a higher number of call center calls as these transactions usually will lead to customer service calls in which the consumer calls to find out why his or her orders aren’t there yet.