Request Access

Sign up to get access to our documentation and to try our product demo.

How do I maximize authorization rates (and minimize fraud)?

Date: Mar 28, 2024

What are authorization rates and why should you care?

Higher authorization rates result in increased revenue (more sales!) to your business and reduced costs (lower CAC, customer support costs). Simply defined, a payment authorization rate is:

Total number of approved transactions / Total number of attempted transactions

Managing the balance between minimizing fraud losses and maximizing authorization is tough. While there are legitimate reasons to decline transactions, such as insufficient funds or account closure, sometimes payments are declined due to suspicion of fraud. “Suspicion” is the key word, as depending upon your fraud model and risk tolerance you may see high false positives.

In the “card not present” or digital environment, the merchant or payment service provider carries liability on card chargebacks or ACH returns. If the merchant or payment service provider does not have strong fraud risk detections, they may decline even legitimate transactions to prevent significant hard dollar losses.

For any payments team, authorization rates are an important metric to track. This metric easily translates to user satisfaction, customer retention, and company revenue. Even a small difference in authorization rate can translate into millions of lost revenue.

Why do authorization rates matter for your business?

Authorization rates matter for two key reasons. First — most of the time, the company ends up losing the particular transaction that was declined. This translates into lost revenue for the business. Second — other times, the company may even end up losing the particular user to a competing platform, since they were not able to successfully purchase or process the transaction they wanted.

The graph above shows the trade-off between preventing fraud and blocking legitimate payments (Stripe). The risk score is the threshold at which the business chooses to block payments — a higher score means a higher threshold for risk, which would result in a higher authorization rate. At a certain point, higher authorization rates do more harm than good, as the merchant accepts an increasing % of fraudulent transactions.

What are the most common decline reasons?

There are a variety of reasons why transactions are declined. Here are a few of the most common decline reasons:

  • Insufficient funds / credit line reached: One of the most common reasons for transaction declines is insufficient funds in the bank account (for ACH transactions) or credit limits being reached (for card transactions). Insufficient funds / lack of credit line reasons account for ~44% of transaction declines (Ethoca).

  • Incorrect card / bank account information: Users often mistype account information and card numbers. ~25% of consumers faced a card decline due to incorrect card / account information (PYMTS).

  • Fraudulent activity suspected: Banks monitor transaction patterns and may decline transactions that seem like anomalies. They consider factors such as geographic location, transaction frequency, and transaction amount.

Other reasons include a suspended card / account, expired card, large purchase amounts, and making a transaction in a different geographic location.

How can you increase your authorization rates?

Putting aside suspected fraud declines, the easiest way to increase authorization rates is to address common decline reason codes from the start.

The following strategies should be first employed to help you improve your authorization rates. At Push Cash, we pride ourselves on our ability to maximize authorization rates, and employ multiple strategies to minimize declines.

  • Active credential life cycle management minimizes declines due to expired cards: Expired or inactive cards is one of the top reasons for transaction declines for “card on file” merchants (e.g. Amazon) or “recurring billers” merchants (e.g. AT&T). You should ensure your payment service provider has implemented life cycle management, and importantly has a mechanism for collecting new credential information (for cases in which this can not be sourced from the network). Push Cash uses network account update services (e.g. Visa Account Updater).

  • Coding transactions correctly can decrease the risk profile of the transaction: Issuers authorize different “merchant category codes (MCC)” at different rates, so ensuring your processor has set up your merchant account with the appropriate MCC is critical. For example, online gaming operators will see much lower authorizations on MCC 7995 than MCC 7801.

  • Collecting and storing backup credentials ensures you can retry transactions: In cases in which one credential is declined (e.g. debit card is declined due to expiration), you can increase your odds of successfully processing the transaction if you have an alternative credential (e.g. A/R associated with a bank debit card). Push Cash collects and securely stores both card and account and routing credentials.

  • Communicating transaction limits address declines due to exceeding limits: While ACH does not have transaction limits, cards do. For debit cards, this is often in the $2.5k-7.5k range. Clearly messaging to the consumer the limit associated with the mechanism that they are using to process the payment can take limits off the table. Push Cash clearly communicates limits to users, and importantly we utilize multi-network strategy to choose the appropriate rail for the transaction.

How do I minimize incidence of chargeback / return loss?

Assuming you have implemented strategies to maximize authorization rates, the next important thing is to implement appropriate checks to minimize chargebacks and returns. There will always be a trade-off between how much information you collect from the user and the conversion rate on the transaction. You could ask the user to fill out 5 minutes worth of information, but you would likely lose the customer!

Fortunately there are a number of tools that “passively (w/o requiring significant customer input)” assess transaction risk. Most of these tools are network (e.g. card or ACH) specific, and at Push we are fortunate to be able to draw insights from all of these tools:

  • ACH fraud risk tools: With the rise of the “aggregators” (e.g. MX, Yodlee), we have seen a rise of a new category of transaction risk management. These tools analyze users’ bank statements and balance to identify risk of ACH return.

  • Card fraud risk tools: These tools have been around for >30 years, and have only gotten stronger. They are fueled by >30 years and trillions of transactions.

  • Card Network risk assessment: As part of transaction processing, the network checks to ensure that the card is valid and that there are appropriate funds in the account.

  • Proprietary customer checks: Payment service providers have built unique tools, which can draw user insights from session activity to further identify bad actors.

  • Minimizing abuse vectors: Putting strategies in place that make it difficult to monetize bad behavior is critical. For example, eCommerce merchants often run secondary checks on a card / account, before shipping out the merchandise — to minimize the ability for bad actors to use stolen credentials. At Push Cash, we ensure funds loaded from a checking account via Push Cash can only be returned to that checking account. This minimizes the vector where a bad actor could shuffle money between two accounts.

If the transaction is disputed, how do we help win disputes?

Even if you receive your transaction disputes or returns, you should not consider the matter settled. Assuming you have put in appropriate user notifications, policies, and procedures, you have the ability to respond to the dispute. At Push Cash, we implement the following to help ensure that we can successfully fight disputes.

  • Follow defined processes (no unforced errors!): There are defined times that merchants need to respond to inquiries and disputes. Missing deadlines, or not providing required information are surefire ways to lose chargeback disputes.

  • Ensure you keep all transaction information: Make sure that you have a clear record of user authorization, and that your users terms and conditions clearly reflect the terms of using your service.

  • Provide compelling evidence: If you believe the dispute is “friendly fraud (e.g. user doesn’t want to be responsible for transaction),” it’s important you can provide as much evidence which makes it clear that the owner of the account authorized the transaction.

  • Stay current with updates to operating regulations: Visa, MasterCard, and NACHA have >100 page operating rules and regulations. They are constantly implementing new policies to improve network security. Rules and requirements around disputes can change over time, make sure you stay up to date to ensure you don’t lose disputes because you did not follow the appropriate procedures.

Closing

Here at Push Cash, we are determined to offer the highest authorization rates on guaranteed transactions, at the best economics possible. To do this, our team draws upon years of payment experience and insights from resources from multiple payment networks. If you’d like to learn more about authorization rates and how Push Cash can help, please send us an email at hello@pushcash.com.

Additional Sources

https://stripe.com/guides/optimizing-authorization-rates

https://www.paypal.com/us/brc/article/optimize-higher-authorization-rates#:~:text=If%20some%20are%20declined%2C%20you,total%20number%20of%20attempted%20transactions

https://www.moderntreasury.com/journal/differences-between-ach-and-cards

https://www.checkout.com/blog/what-are-authorization-rates

https://www.bluesnap.com/5-ways-to-improve-your-credit-card-authorization-rates/