Table of Contents
- What Is an Authorization Code?
- Are There Ambiguous Credit Card Authorization Codes?
- How Do Credit Card Authorization Codes Affect Chargebacks?
- The Bottom Line on Authorization Codes
- What Is a Forced Authorization?
Most people don't spend much time thinking about how a credit card transaction actually works. From the typical customer's perspective, you simply insert your card, press a button or two, and wait for the beep. Behind the scenes, however, there's a lot going to make that transaction work.
The first and most important step in this behind the scenes process is authorization. This is the part of the process that occasionally makes itself visible to the customer in the form of the dreaded "card declined" message. While customers only see authorization as being approved or declined, there are actually a variety of more specific codes that the merchant can see, giving them more information about why the card was declined and what should be done.
What do merchants need to know about the various authorization codes they might receive, how they can be used to prevent chargebacks, and how responding to them improperly can lead to chargebacks?
By familiarizing themselves with the basic function of authorization codes and shedding any misconceptions they might have about what they can and cannot do, merchants can gain a better understanding of how the authorization process works. These insights can be used to identify various errors and inefficiencies that—if left unchecked—can lead to mistakes, confusion, and chargebacks.
What Is an Authorization Code?
When a customer presents their payment card to make a transaction, the terminal reads the card and sends the relevant information to the customer's issuing bank. The issuing bank's system will look up the card and verify that it can process the transaction. The bank check to make sure the account has sufficient funds, the card hasn't been reported lost or stolen, and there are no other flags on the account.
Once the issuing bank’s system has made its determination, it will send an authorization code back to the merchant. This all happens almost instantaneously.
If there’s a problem, the merchant will see a message indicating that the authorization was declined, and the code should provide additional details as to why. Otherwise, the authorization code will say that the merchant is good to go ahead with processing the transaction (or, in some cases, placing an authorization hold). Authorization codes are usually fairly straightforward, but not always.
Are There Ambiguous Credit Card Authorization Codes?
This can happen when the customer removes their chip card from the reader too soon or when they enter an incorrect PIN. In these cases, merchants should simply ask the customer to scan their card again and let them know the PIN was rejected if applicable. However, it's obviously not good practice to allow a customer unlimited attempts to enter a correct PIN.
A transaction that appears to be a duplicate of an earlier transaction may also receive a temporary decline code. Other codes can be used to indicate that the card may be lost or stolen, in which case the bank's system may send a code to the merchant asking them to retain possession of the card to prevent further use.
Merchants may also be instructed to retain possession of a card in other situations, such as when the bank has no record on file of the card number, which may indicate that a counterfeit card is being used.
Sometimes, the authorization code will instruct the merchant to call the issuing bank on the phone for further instructions. A decline code may also be sent if the cardholder told their bank to allow the transaction only if it equals a certain dollar amount—this is not uncommon with corporate credit cards. A complete list of decline codes can be found here.
How Do Credit Card Authorization Codes Affect Chargebacks?
In order to avoid authorization-related chargebacks, merchants should never blindly reattempt transactions that have been declined. If the code indicates that the transaction can be reattempted after certain conditions are met, make sure you understand what the issuer is asking you to do and follow those steps carefully before trying to run the card again.
Remember, a successful authorization code does not mean that the cardholder has approved the transaction, or that they are even aware it is taking place. The code only means that the account has sufficient funds and that the card has not yet been reported lost or stolen. A transaction that receives authorization approval can still be fraudulent and can still end in a chargeback for the merchant.
Merchants who deal with a lot of corporate customers and those who operate in high-risk industries may encounter ambiguous or declined authorization codes more frequently than the average retailer.
These merchants should familiarize themselves with the codes they see most often. They may also benefit from instructing staff on how to read these codes, and establishing policies for handling each one. Since there are typically only a handful of codes a business has to deal with other than the simple approve and decline codes, it shouldn't take much time to establish a procedure for each code you expect to deal with. Having those procedures written down in an easily-accessible place can also help staff who might not deal with them often enough to remember.
Authorization codes should also be examined along with other transaction data when analyzing your chargebacks to discover their root causes. If you receive multiple chargebacks for transactions bearing the same authorization code, it may be that you or one of your employees have misunderstood what that code means and how it should be handled.
The Bottom Line on Authorization Codes
Most of the time, the authorization step is a fleeting and unremarkable part of processing a transaction. The majority of cards will pass authorization without incident, and customers who are told their card has been declined usually have alternate payment methods they can use. When merchants are following sensible procedures, declined transactions will not be processed and authorization-related chargebacks should be rare.
Credit card authorization codes nevertheless contain useful information and in some cases can direct merchants on how to obtain approval and recover a transaction that was initially declined. Authorization codes should be read closely at the time of the transaction and saved along with other relevant transaction data. That will help to give you the full picture of the transaction if complications ever arise and allow you to address issues that might otherwise have gone undiscovered.
FAQ
What Is a Forced Authorization?
Thanks for following the Chargeback Gurus blog. Feel free to submit topic suggestions, questions or requests for advice to: win@chargebackgurus.com
