Credit Card Authorization Codes Solved 2020
It’s easy to take for granted how smooth and swift most credit card transactions are. A few seconds in the chip reader, a few taps on the screen, and presto—your purchase is paid for. In fact, there’s an awful lot going on behind the scenes to streamline those transactions.
One key facet of the modern card transaction process is the authorization code, which verifies essential information. For example, it confirms that the customer’s card has sufficient funds and has not been reported stolen. What do merchants need to know about credit card authorization codes and the role they plan in reducing fraud and disputes?
For most merchants, authorization codes are largely invisible at the time of transaction. If merchants refer to them at all, it’s generally when they’re looking up or researching a transaction that relates to a dispute or some other customer issue.
By familiarizing themselves with the basic function of authorization codes and shedding any misconceptions they might have about what they can and cannot do, merchants can gain a better understanding of how the authorization process works and use those insights to identify errors or inefficiencies that can lead to mistakes, confusion, disputes—and chargebacks.
Before going any further, keep in mind the important distinction between card authorization codes and card verification codes. The latter refers to the CVV number printed on the back of cards, which are used to confirm the cardholder’s identity. These numbers remain static for the life of the card, are manually provided by the cardholder, and per PCI-DSS regulations they cannot be stored for reuse by the merchant.
How Do Credit Card Authorization Codes Work?
A credit card authorization code is a two to six digit alphanumeric code. When a customer presents their payment card to make a transaction, the terminal reads the card and communicates with the customer’s issuing bank. It will send along some information about the transaction.
The issuing bank will look up the card and verify that it can process the transaction. The bank checks whether the account has sufficient funds, whether the card has been reported lost or stolen, or if there are any other flags on the account that are cause to decline the transaction.
Once the issuing bank’s system has made its determination, it will send the authorization code back to the merchant.
This happens almost instantaneously, before the actual processing of the transaction begins.
If there’s a problem, the merchant will see a message indicating that the authorization was declined, and the code should provide additional details as to why. Otherwise, the authorization code will say that the merchant is good to go ahead with processing the transaction (or, in some cases, placing an authorization hold).
Authorization codes are usually fairly straightforward—but not always.
Are There Ambiguous Credit Card Authorization Codes?
Some authorization codes do not indicate a flat-out denial, but instruct the merchant to take some actions and try again. This can happen when the customer removes their chip card from the reader too soon, or they enter an incorrect PIN. A transaction that appears to be a duplicate of an earlier transaction may also receive a temporary decline code.
Other codes are strong indicators of fraud on a card that has not yet been reported lost or stolen, and the authorization code may be used to send a message to the merchant asking them to retain possession of the card.
One example of this is when the bank has no record on file of the card number, which may indicate that a counterfeit card is being used.
Sometimes, the authorization code will instruct the merchant to call the issuing bank on the phone for further instructions. A decline code may also be sent if the cardholder told their bank to allow the transaction only if it equals a certain dollar amount—this is not uncommon with corporate credit cards.
How Do Credit Card Authorization Codes Affect Chargebacks?
A healthy respect for authorization codes is essential if you want to avoid chargebacks. Several chargeback reason codes specifically refer to transactions where the merchant went ahead with processing after receiving a decline code.
If you get a “declined” response, do not process the transaction. If the code indicates that the transaction can me reattempted after certain conditions are met, make sure you understand what the issuer is asking you to do and follow those steps carefully before trying to run the card again.
Remember, a successful authorization code does not mean that the cardholder has approved the transaction, or that they are even aware it is taking place. The code only means that the account has sufficient funds and that the card has not yet been reported lost or stolen.
A transaction that receives a positive authorization code can still be fraud and can still end in a chargeback for the merchant.
Merchants who deal with a lot of corporate customers, or those who operate in high risk industries, may encounter ambiguous or declined authorization codes more frequently than the average retailer. Those merchants should familiarize themselves with the codes they see most often and put clear guidelines and policies in place for how staff should respond to those codes.
Authorization codes should also be examined along with other transaction data when analyzing your chargebacks to discover their root causes.
Most of the time, the authorization step is a fleeting and unremarkable part of processing a transaction. The majority of cards will pass authorization without incident; customers who are told their card has been declined usually have alternate payment methods they can use. When merchants are following sensible procedures, declined transactions will not be processed and authorization-related chargebacks should be rare.
Credit card authorization codes nevertheless contain useful information and in some cases can direct merchants on how to obtain approval and recover a transaction that was initially declined. Authorization codes should be read closely at the time of the transaction and saved along with other relevant transaction data. That will help to give you the full picture of the transaction if complications ever arise.