Payment Authorizations 101

Payment Authorizations 101

Payment authorization failures are costly. To help illustrate what’s pushing away valuable transactions, here’s an overview of the payment authorization landscape, why it’s so convoluted, and how to retain more customers with alternative solutions.

Lately, we’ve been talking a lot about payment authorization failures and how they may be costing merchants up to 15% of their potential eCommerce revenue. One reason that this has ballooned into such a massive issue is that merchants aren’t getting enough insight into why customers are declined and often have little control over the decision. 

The other reason? Many eCommerce teams aren’t even concerning themselves with the payment authorization process, but perhaps they should. Payment authorization is a way to validate the authenticity of the transaction and that a customer has sufficient funds through their line of credit to cover the cost of the transaction. When payment authorization results in failure, the customer gets declined and usually has no recourse to follow through with their purchase. 

To help illustrate what’s pushing these valuable customers away, here’s an overview of the payment authorization landscape, why it’s so convoluted and how to retain more customers with alternative solutions. 

Key players in payment authorizations

After a customer enters their credit card details to buy something online and hits “pay now,” the payment goes through several layers of review within seconds before their transaction is either approved or declined. Let’s dive into the players involved in each layer and their role in the payment authorization process. 

Gateway: The payment gateway is the first and last step in payment authorization. It relays the customer’s credit card information to the acquirer or payment processor, but it also ensures that the payment is legitimate through its own anti-fraud detection.

Acquirer/Processor: The acquirer or payment processor passes along the customer’s credit card information to the issuing bank and enables the transaction to be processed. Unlike the gateway, payment processors do not securely authorize the transaction, which is why both a gateway and processor are involved in the authorization process. 

Credit Card Network: The credit card network facilitates transactions between merchants and card issuers. The network is responsible for charging merchants interchange fees for processing consumers’ card transactions.

Issuing Bank: The issuing bank is the financial institution that provides cards and credit limits to consumers. They have the final authority on whether a transaction is approved or denied since they are the ones issuing the funds to the merchant. 

Making sense of a convoluted process

There are many, perhaps too many, steps involved in payment authorization. Let’s try to explain how all the layers work together to get the consumer from checkout to approval/decline. 

Imagine you’re taking an international trip. When you enter a different country, you pass through border control (the gateway). They review your passport and check your background details before deciding whether to let you enter the country or not. The border control agent scans your passport through a device (payment processor) that communicates with your country of origin (issuing bank). If your home country communicates to the visiting country that you are not a threat, border control will let you enter the country, unless border control finds its own reasons for why they think you might be a threat. Let’s assume that both border control (gateway) and your home country (issuing bank) decide you can enter the visiting country. The visiting country can charge you an entry fee for coming through their borders. This is similar to the credit card network charging a merchant for processing the consumer’s transaction. 

The main point of this example is to demonstrate how involved payment authorization can be. Each party has their own valid reasons for wanting to limit fraud, which is why the decline can come from more than one entity. Merchants that sell online in multiple countries likely partner with different gateways for payment processing in each country, which leads to even more complexity in managing payment orchestration. 

Alternative Solutions

The issue for merchants is that gateways and issuing banks have very rigid rules when it comes to fraud detection. They may automatically decline transactions based on conditions like AVS mismatch, “risky” issuing country, insufficient funds or an internal blacklist. When this happens, the turned away customer can’t finish the transaction and might go to a competitor to make their purchase instead. Clearly, this poses a major issue for merchants, costing them revenue and potential life-long customers.   

While merchants have no control over the rules and algorithms that issuing banks and gateways use to decline payments, they can now give the shopper the ability to complete their transaction after being declined. Riskified has reviewed hundreds of millions of orders for fraud and can accurately and efficiently differentiate good customers from fraudsters. Leveraging this technology, we built Deco to recoup revenue lost to payment authorization failures. 

Deco uses our machine-learning models to identify legitimate shoppers and offer them an option to checkout with Deco after experiencing a payment decline. This enables the customer to complete their purchase immediately without leaving the merchant’s site. As a result, Deco converts up to 20% of declines in approvals, improves conversion rates and reduces customer cart abandonment. Get in touch with our team to learn how Deco can help boost revenue and secure customer loyalty.