Authorisation
Learn how to initiate a transaction by requesting an authorisation with Cards Connect
A CNP transaction initiated by a cardholder starts with an authorisation request, which aims to get approval from the issuing institution. If the authorisation is approved, the amount in the request will be temporarily held in the cardholder's account, so, the merchant may start fulfilling the order.
Best Practice Recommendation
Merchants should aim to capture authorisations within a short time frame, ideally within 7 calendar days, based on their order fulfillment process. This is to prevent capture failures due to the authorisations getting expired by the issuer.
If the order cannot be fulfilled for any reason, void the authorisation immediately to release the hold on the cardholder's account.
Initiating an Authorisation
Cards Connect needs relevant transaction information to successfully process your authorisation request. These details can be categorised as:
- Identifiers:
orderNumber
,transactionId
and thereconciliationId
- Payment Details:
amount
and thecurrency
- Statement Descriptors: Information about the merchant that will appear on the cardholder's account statement
- Card Info: Details of the card such as card number, expiration date, and CVV.
- Billing Details: Cardholder's billing details
Encrypted Fields
Card Info and Billing Details should be encrypted for the authorisation request. You may check the Field-level Encryption page to learn how to encrypt these fields.
You must generate a transactionId
that is unique at the merchant level for each authorisation. The unique identifier is crucial for inquiring about the transaction's status if a response from Cards Connect is not received.
The transactionId
will be used in subsequent operations such as a void, capture or refund as well as calls to retrieve transaction details. We recommend using easily generated, collision-resistant identifiers like a GUID.
In the authorisation request, you can include your own reconciliationId
to link the authorisation and the subsequent operations such as void and captures. The same identifier will then be returned in the authorisation response and used in all the subsequent operations.
Authorisation Response
After providing all the required information for the authorisation as specified in the API documentation, Cards Connect will process your request and return the outcome in the response.
Possible outcomes:
- Succeeded: the transaction is authorised.
- Authorized with Conditions: the transaction is authorised but one or more validations such as CVV validation or Address Verification (AVS) may have failed. You may check the response to determine what failed, then decide whether to accept the transaction as authorised or void it based on your internal risk policies.
- Declined: the authorisation request was declined by the issuer or the card scheme. Use the response code and description to inform the merchant of the reason for the decline. After addressing the issue in the decline code, you may retry.
- Failed: the authorisation request failed due to an unknown issue or a system timeout. Cards Connect issues a reversal request to the issuer to ensure that each party has the same state for the transaction. However, this automated reversal doesn't affect the transaction's failed state in any way. You may attempt to request a new authorisation from the same card with a new transaction after a failed outcome.
On the other hand, if your authorisation request cannot pass the validations in Cards Connect, instead of the above response, you receive an error. You may check the Error Codes page to check the potential errors you may encounter.
-
Whenever you need to retrieve information on an authorisation, you may call theRetrieving the Details of an AuthorisationGet Authorisation API
with thetransactionId
provided during the authorisation request. - GET
transactions/b72805e2-9dcd-4962-a32f-25099e012e78/authorization
-
{ "transactionId": "b72805e2-9dcd-4962-a32f-25099e012e78", "reconciliationId": "e8dd3707-0d8f-4dde-8691-dec639ba6f5e", "authorization": { "authResponseId": "953019", "amount": 500, "currency": "AUD", "outcome": "Succeeded", "responseCode": "00", "responseDescription": "Approved or completed successfully", "cvvResponseCode": "Match", "avsResponseCode": null, "merchantAdviseCode": null, "schemeTraceId": "STR56648BB66A5464", "paymentAccountReference": "4549603215000001", "createdAt": "2024-06-18T03:09:16.1488927Z" } }
Updated 3 months ago