Real Time Authorizations- Fraud Library

The Fraud Practice eCommerce Fraud Consulting Services

Authorization  is a request from the merchant to the consumer’s issuing bank to determine if sufficient money is available on the credit card for payment, and to hold those funds for this purchase.

Enter your search terms Submit search form

Web www.fraudpractice.com

Real time authorizations save time and money ...

Authorization  is a request from the merchant to the consumer’s issuing bank to determine if sufficient money is available on the credit card for payment, and to hold those funds for this purchase.

How Good Is It? 

There are two methods merchants use to do authorizations: online (which is real time) or batch. If a merchant cannot successfully authorize a purchase on a credit card they will not be able to convert it. Doing real-time authorizations allows a merchant to quickly weed out consumers that don’t have the money to make a purchase. It also gives a merchant the means to let the consumer know, while the consumer is still on the merchant’s site, that they don’t have funds so they can try another card.

          Things to know about authorizations include:

• Authorizations do expire so a merchant needs to make sure they are still good when they want to settle their transaction

• A real-time authorization check allows a merchant to find out if funds are available. As a positive indicator the fact a consumer has funds available is positive point in converting a sale, but this is not a good indicator for fraudulent behavior.

• With co-branded debit cards, when you process an authorization the money is immediately pulled from the consumer's account, if you process multiple authorizations on a consumer you could create an overdraft for the consumer.

Considerations When Implementing or Buying This Functionality  

•  Exceeding a consumer’s card limits: In some cases merchants can exceed a consumer’s credit card limit by mistake because they are running an authorization, and the consumer may fail one of the other checks the merchant requires for processing, and instead of using the original authorization they run another authorization. This can deplete the consumer’s credit line even though the other orders are not going to be processed.

• Some merchants try to cancel an authorization, but this is not really supported by all issuing banks, and usually requires a phone call to the bank. Even with that there is no guarantee that the bank will reverse the authorization.

• What types of reports do they offer to reconcile transactions on a daily, monthly and annual basis?

• Do they charge separately for authorizations and settlements

• Can settlements be done in real time or batch?

• Do they support AVS, card security schemes and e-commerce indicator field?

• Can they process all of the major card types, or do they have to have a separate feed for American Expressor Discover? Or if they want separate feeds to keep the costs down, can the application or service support that?

Estimated Costs – Costs associated with getting an authorization vary widely. There are service bureaus that offer a transactional fee for each call. This is usually very inexpensive — a couple of pennies to less than fifteen cents per transaction. The more volume a merchant does, typically the smaller their transactional fees. For small businesses, most major vendors offer special discounted prices for them, but they are limited to the number of transactions they can run. Vendors also provide payment software solutions that will allow merchants to connect to bank or payment processors to conduct their acquiring activities. Merchants will typically pay a moderate up-front cost for the software then an annual maintenance fee for the software. If they will be using a frame connection to access real-time payment, they will need at least 30 days for the certification process, and the cost of the line should be taken into consideration, as they are significantly more expensive than other options.

Alternative Solutions – If a merchant is a small business I would recommend they look at aggregators for their business. These are businesses that service multiple merchants, called multi-merchants, and they can provide payment solutions at lower costs for smaller merchants by pooling a bunch of merchants together to keep costs down.

Vendors – Card Services International, CyberSource, Paymentech, Wells Fargo, Chase, FDMS, Verisign, Retail Decisions, Retail Logic,

How Does it Work? 

The issuing bank only checks the consumer’s credit card number for authorization. They confirm if it is an active account, if sufficient funds are available, and check AVS (Address Verification System).

There are generally two types of declines a merchant can receive with an authorization: soft or hard declines. Soft declines are those declines in which the bank requires further verification. The bank has not given authorization at this time.

The reasons the bank may want to be contacted are:

• Additional security is in place with banks regarding Internet  companies.

• A bank wants to talk with the Credit Department and then contact the customer to verify the purchase is valid.

• Some banks may have a list of Internet companies they will allow authorizations to go through.

• A customer may have a limit for authorization on their card and the bank needs to contact them to verify the purchase before authorization can be given to avoid possible fraud.

Soft declines have a high percentage rate of converting.

A hard decline from the bank is when the return from the authorization is:

• Insufficient available credit

• Possible fraud — lost or stolen card

• Invalid credit card — number does not exist

• System error

• Time out

System error orders should be actively worked on to try to convert them.

How Do I Use the Results? 

Real-time versus batch processing — in general it is our recommendation that a merchant implement and use a real-time authorization service. Doing real-time authorizations will help a merchant cut their overall costs by cutting out those transactions that they would not be able to be converted regardless of fraud because the consumer doesn’t have any money. If a merchant is doing batch authorizations, they now have to store the transaction, run it against the system if it fails, and contact the consumer for another credit card. Had the merchant been doing real-time authorizations the consumer could have provided another credit card when they were at the site or when they were on the phone. A merchant will also have a higher number of call center calls as these transactions usually will lead to customer service calls in which the consumer calls to find our why his or her orders aren’t there yet.

Building This In-House 

All banks and processors publish specifications that allow merchants to build their own solutions to communicate payment processing. A merchant will have to get their solution certified with the banking institution. With the number of payment solutions on the marketplace, and the reduction in prices to purchase these solutions over the last couple of years, I would recommend that a merchant not build in-house for the following reasons:

• It is cheaper to purchase these solutions on the open market than build them.

• The payment processing and credit card specifications change constantly, sometimes several times in a year, and a merchant doesn’t want to have to keep recoding their solution and getting it recertified.

• Commercial solutions have already been certified by the banking institutions and usually offer multiple links to different banking institutions, allowing a merchant to easily switch between banks for better rates.

• The security found in the commercial solutions is typically more robust than in-house solutions and this provides greater protection from unauthorized access attempts.

Property of The Fraud Practice, all rights reserved, no unauthorized duplication, reproduction or distribution without the express written permission of The Fraud Practice.