Skip to content
    Picture of Basis Theory ·
    Payments

    Improving Authorization Rates with a Single PSP

    Improving authorization rates

    The first step in accepting payment from a consumer is getting their payment credentials authorized, meaning, essentially obtaining a signal from their financial institution that the transaction is legitimate, and that the account has funds and authority to make the requested purchase.

    Although it often feels like a merchant just “runs the credit card,” authorization is in fact a multi-step process. The authorization is acquired first, after which the funds can be captured. When authorization fails, the merchant is unable to complete the transaction, even though they have generally incurred fees in the attempt.

    While the most effective way to improve the volume of successful transactions is through a multi-PSP system, there are still plenty of steps a merchant can take to maximize the authorization rates from their single PSP.  

    Why You Should Care About Authorization Rates 

    A merchant’s authorization rate (or auth rate) is a key measurement of how well its payments system is working. An authorization rate between 85% and 95% is considered desirable.

    A lower auth rate means that the merchant is failing to close transactions, wasting time and money on getting consumers to the point of purchase, only to fall down at the most important step in the process. When auth rates drop suddenly, this can also be a flashing red light, warning of deeper issues in the business.

    A flood of fraud leading to an unusually high flow of chargebacks, for instance, can cause downstream partners in the payments ecosystem (from PSPs to gateways to issuing banks) to be more cautious in allowing deals through.

    On the other hand a truly perfect authorization rate may well mean that the merchant has taken its security measures too far: it is almost inevitable that good deals are being left on the table. 

    Return to Top

    Tips for Improving Authorization Rates 

    For merchants who aren’t yet ready to expand their payment systems to more than one downstream PSP, there are steps that can be taken to bolster the auth rates (though the number of merchants now going multi-processor is reportedly over 50%). Here are five key possibilities to consider

    Collect and Transmit the Right Cardholder Data

    The issuing bank wants as much information as possible, presented in a particular way (there is even some evidence that different banks prefer the exact same data presented in slightly different formats.) 

    Importantly, consider contracting with security providers that can try to match key data elements before presenting them to the card networks. Just as one should never send a credit card number that fails the Luhn algorithm, one should never send an address whose zipcode doesn’t match the street address.

    Opting not to submit transactions that pre-transmission checks can identify as unlikely to pass muster will have a measurable impact on auth rates.

    Use Network Tokens

    A network token is a special, merchant-specific, identifier for a given credit card that replaces the Primary Account Number (PAN.) Once acquired, a network token gives the merchant access to submit payment requests with confidence that they will not be stymied by typical challenges like credit card expiration.

    Meanwhile, even if the network token were to get stolen by hackers, it cannot be used by another entity, which not only protects your customers from fraud, but insulates your business from the negative impacts of a sudden influx of fraudulent deals and chargebacks.

    Plan Ahead for Network Unavailability

    Much as every system provider wants to boast about ‘five nines uptime’ (i.e. that their system is available 99.999% of the time), most rather carefully don’t so much as commit to it as they do define a set of concessions to be made to customers when they inevitably suffer system outages.

    In other words: at some point every merchant will try to complete transactions through networks that will be unavailable. Merchants can plan ahead by building robust interfaces, which detect the unavailability of downstream services and queue valid transactions for later transmission.

    Manage Recurring Transactions Effectively

    One of the great gifts to commerce of the last few decades is the subscription business model. Rather than selling one item one time, merchants from Adobe to Meta offer access via much smaller periodic payments.

    This makes the initial purchase more accessible for the consumer, while providing an ongoing revenue stream to the merchant. Unfortunately, with all the complexities of the credit card lifecycle, attempts to collect periodic payments can come under pressure.

    Even merchants who have followed recommendation two (using network tokens to eliminate ‘card expired’ declines) often find themselves in the unhappy position of trying to collect from customers whose accounts are temporarily light on funds. Merchants can solve for this by doing a few things: tracking decline codes (see below), building a dunning and retry system which takes what may be temporary problems with processing and defeats them by trying again after a reasonable wait, and by adjusting charging periods to that they minimize the risk of low funds declines.

    For the latter, note that dates around the middle and end of the month are particularly problematic, as they may represent the last moments before the next pay day. Aim to schedule payments for the 16 or second of each month, not the 14 and 29.

    Get Smart on Decline Codes

    When authorization is declined, merchants actually get some (albeit not often a lot) of information about the reasons why. These are delivered as decline codes, which may be divided into Soft and Hard declines.

    • Hard declines are just as they sound, a solid ‘no’ that is not going to change for a range of reasons (fraud, account closed, etc.)
    • On the other hand, soft declines can include insufficient funds, do not honor (as often as not this also means insufficient funds!), system failure, and a range of other issues that are true today - but may not be true tomorrow.

    Merchants can improve their auth rates, and ultimately revenue, by planning ahead. Collect transactions that hit these soft declines, and store them for attempted retry at a later date. Obviously this is situation-dependent (i.e. you can’t agree to send someone a physical product today in the hopes their card will clear tomorrow), but especially for digital accounts and subscription services, where the incremental cost to service the customer is low, it can be a meaningful addition to the business.

    Return to Top

    How Working with Multiple PSPs Can Help 

    Even though the above strategies can absolutely improve authorization rates for merchants committed to a single PSP partner, the reality is that true optimization effectively requires the adoption of a multi-processor program. Sending transactions to well-suited PSPs (local ones for cross-border transactions, or specialist ones for high-risk items) can deliver benefits that aren’t available without that expansion of downstream providers.

    Nonetheless, there are few merchants who can’t add a little extra value to their business by cleaning up their auth rates, even if they maintain their loyalty to a full-service PSP. Every little bit helps, and every business is right to claim every last penny within their reach.

    Return to Top

    De-Risk Payments. De-Scope Compliance.   Accelerate time-to-compliance and eliminate nearly 90% of the PCI DSS Level 1 requirements using Basis theory.  

    Stay Connected

    Receive the latest updates straight to your inbox