Recent Posts
Sponsors
 |
Processing Payments: Authorize vs Capture vs SettledMike Peters, 01-04-2011 |
When processing credit card payments, there are several "transaction types" used to identify what action to take with the customer's credit card.
The "transaction type" tells your merchant processor, whether you want to charge the customer's credit card, issue a refund or obtain an authorization code for a specific amount.
People often get confused with all these different transaction types and how they're used, so I wanted to try and clear things up a bit.
With this post, I'll cover the purpose of each "transaction type" and how they're used in the real world.
The same principles apply whether you're processing payments online, offline, using Authorize.net or using any other payment gateway. So it's a good idea to understand how it all works.
Process Flow
Before we dive into transaction types, it will help if we first understand the payment process flow. How money moves from a customer's bank account to yours.
There are lots of tutorials online about transaction types, but I found them all to be way too technical. Here's my attempt of breaking things down, in lamen terms...
Let's meet Dorris.
Dorris is an affluent traveler who loves exotic destinations.
In one of her recent trips to Aruba, Dorris checked-in to the recently renovated Hilton hotel.
The trip was all paid-up in advance, but the guy at the front desk insisted on swiping Dorris' credit card. "This is to cover any incidentals" he said. In other words, help yourself to the minibar. The Cherry Almonds are only $15 a pop...
Dorris hands-over her credit card and the hotel submits an Authorization transaction type, in the amount of $200. The payment gateway responds with a unique authorization code that is saved in the hotel system. Dorris gets her room key and falls asleep as soon as her head hits the pillow. It was a long flight.
A few days later, while shopping at the local market, Dorris suddenly realizes she lost her purse. Credit Cards, driver license and some cash, all gone like dust in the wind.
Dorris gets on the phone with American Express and immediately cancels her credit card. This is the same card she handed to the hotel to cover any potential minibar charges.
A few more days go by. Time flies when you're having fun! It's already Friday and it's time for Dorris to check-out from the hotel.
"I see you have $40 in minibar charges" says the hotel clerk, smiling ear to ear. "We'll go ahead and apply this to the card we have on file. Thank you for staying at the Hilton".
Dorris starts walking towards the door and then she yells "Oh! I lost my card and had to cancel it. I'm sorry".
No problem.
The hotel submits the previously obtained authorization code with a Capture transaction type and the amount set to $40.
Since the authorization was for $200, no matter what happens to the card, how much money is in the account or whether or not the card was canceled. The funds were already reserved and $40 are successfully captured by the hotel's payment gateway.
24 hours later, the transaction settles and funds show up in the hotels' bank account.
There you have it. Now you understand the flow from card authorized to captured to settled.
Transaction Types
Now that we covered the basics, let's drill deeper and review all transaction types:
Authorize (AUTH_ONLY):
Run the card for a given amount and obtain a unique authorization code. The amount will be put on hold and you are guaranteed these funds as long as you use the authorization code in a Capture transaction within 30 days. (How long before an authorization code expires varies by company. Check with your payment gateway)
Customers don't see the authorization as a charge on their statement, but they will see their available funds decrease by the amount you ran the authorization for.
There's an exception here - if the card is a debit card, the transaction will show up in the customer's online statement. Regardless of whether or not the transaction shows up, the rules are the same:
If you don't use the authorization code in a follow-up Capture transaction, the authorization is "dropped", funds returned to the customer's balance and you can no longer use it.
Capture (PRIOR_AUTH_CAPTURE):
Use a previously obtained authorization code to complete the transaction.
The amount captured can be lower than the originally obtained authorization amount (this is useful in cases like our example where you don't know the total order amount ahead of time)
Authorize + Capture (AUTH_CAPTURE)
This type of transaction is a two-step process. It performs an authorization, immediately followed by a capture.
While this is the most popular transaction type, used by the majority of shopping carts, it is very risky and payment gateways strongly discourage using it (see why below)
Refund (CREDIT):
Credit a previously captured amount back to the customer's credit card.
You can only use this transaction type if the original charge occurred in the last 60 days and the card is still active.
When refunding orders, you can do either a full refund or refund a partial amount.
If you need the ability to issue refunds for older orders, contact your payment gateway provider and ask that they enable Extended credit capabilities for your account.
Void (VOID):
Similar to refund, with the only difference that you are refunding a transaction that took place today (it didn't Settle yet).
When voiding a transaction, you can only void the full amount of the order.
If you need to credit back a portion of the order, wait a day until the payment settles, then issue a refund.
What's wrong with the AUTH_CAPTURE transaction type
The Authorize + Capture transaction type implements the two operations automatically in one call.
To understand why this transaction type is so risky, you need to understand what happens behind the scenes, when a customer is ready to buy and clicks the "Checkout now" button on your website.
The shopping cart software sends a request to your payment gateway, passing the customer's credit card information, amount to charge and transaction type.
The shopping cart software then waits a few seconds to receive an acknowledgment from the payment gateway, indicating the operation completed successfully.
Now, consider something happens along the way and for some reason, the confirmation never comes back. It could be a network issue, timeout, bug or any number of things.
In case your shopping cart software doesn't receive the confirmation back, it assumes the payment did not complete. It is however possible that the payment completed successfully, customer charged, but a timeout occurred before the confirmation message was sent.
While not common, these cases easily lead to duplicate charges (customer will try to place an order again), with the shopping cart system showing a single charge and the customer's credit card statement showing he was charged twice.
To avoid this, always run an authorization first, save the authorization code and then run a capture.
Even if a timeout error occurs, the user will never be double charged. Attempting to capture funds twice using the same authorization code, is not possible.
How SoftwareProjects is using transaction types
When capturing payments:
We always use an Authorization transaction type, followed by a Capture transaction.
You can configure the authorization amount to be higher than the captured amount, to accommodate business models similar to the hotel example.
Note: If your payment gateway is setup to send you email notifications on each action, you will probably see two separate emails per each charge. This is normal. You'll notice the transaction ID in the two emails is the same.
We recommend turning off your payment gateway email notifications and using the shopping cart daily report as a way of keeping track of how well your business is doing.
When issuing refunds:
The system automatically picks a Void or Refund transaction type depending on whether the order was placed today or at an earlier date.
The "transaction type" tells your merchant processor, whether you want to charge the customer's credit card, issue a refund or obtain an authorization code for a specific amount.
People often get confused with all these different transaction types and how they're used, so I wanted to try and clear things up a bit.
With this post, I'll cover the purpose of each "transaction type" and how they're used in the real world.
The same principles apply whether you're processing payments online, offline, using Authorize.net or using any other payment gateway. So it's a good idea to understand how it all works.
Process Flow
Before we dive into transaction types, it will help if we first understand the payment process flow. How money moves from a customer's bank account to yours.
There are lots of tutorials online about transaction types, but I found them all to be way too technical. Here's my attempt of breaking things down, in lamen terms...
Let's meet Dorris.
Dorris is an affluent traveler who loves exotic destinations.
In one of her recent trips to Aruba, Dorris checked-in to the recently renovated Hilton hotel.
The trip was all paid-up in advance, but the guy at the front desk insisted on swiping Dorris' credit card. "This is to cover any incidentals" he said. In other words, help yourself to the minibar. The Cherry Almonds are only $15 a pop...
Dorris hands-over her credit card and the hotel submits an Authorization transaction type, in the amount of $200. The payment gateway responds with a unique authorization code that is saved in the hotel system. Dorris gets her room key and falls asleep as soon as her head hits the pillow. It was a long flight.
A few days later, while shopping at the local market, Dorris suddenly realizes she lost her purse. Credit Cards, driver license and some cash, all gone like dust in the wind.
Dorris gets on the phone with American Express and immediately cancels her credit card. This is the same card she handed to the hotel to cover any potential minibar charges.
A few more days go by. Time flies when you're having fun! It's already Friday and it's time for Dorris to check-out from the hotel.
"I see you have $40 in minibar charges" says the hotel clerk, smiling ear to ear. "We'll go ahead and apply this to the card we have on file. Thank you for staying at the Hilton".
Dorris starts walking towards the door and then she yells "Oh! I lost my card and had to cancel it. I'm sorry".
No problem.
The hotel submits the previously obtained authorization code with a Capture transaction type and the amount set to $40.
Since the authorization was for $200, no matter what happens to the card, how much money is in the account or whether or not the card was canceled. The funds were already reserved and $40 are successfully captured by the hotel's payment gateway.
24 hours later, the transaction settles and funds show up in the hotels' bank account.
There you have it. Now you understand the flow from card authorized to captured to settled.
Transaction Types
Now that we covered the basics, let's drill deeper and review all transaction types:
Authorize (AUTH_ONLY):
Run the card for a given amount and obtain a unique authorization code. The amount will be put on hold and you are guaranteed these funds as long as you use the authorization code in a Capture transaction within 30 days. (How long before an authorization code expires varies by company. Check with your payment gateway)
Customers don't see the authorization as a charge on their statement, but they will see their available funds decrease by the amount you ran the authorization for.
There's an exception here - if the card is a debit card, the transaction will show up in the customer's online statement. Regardless of whether or not the transaction shows up, the rules are the same:
If you don't use the authorization code in a follow-up Capture transaction, the authorization is "dropped", funds returned to the customer's balance and you can no longer use it.
Capture (PRIOR_AUTH_CAPTURE):
Use a previously obtained authorization code to complete the transaction.
The amount captured can be lower than the originally obtained authorization amount (this is useful in cases like our example where you don't know the total order amount ahead of time)
Authorize + Capture (AUTH_CAPTURE)
This type of transaction is a two-step process. It performs an authorization, immediately followed by a capture.
While this is the most popular transaction type, used by the majority of shopping carts, it is very risky and payment gateways strongly discourage using it (see why below)
Refund (CREDIT):
Credit a previously captured amount back to the customer's credit card.
You can only use this transaction type if the original charge occurred in the last 60 days and the card is still active.
When refunding orders, you can do either a full refund or refund a partial amount.
If you need the ability to issue refunds for older orders, contact your payment gateway provider and ask that they enable Extended credit capabilities for your account.
Void (VOID):
Similar to refund, with the only difference that you are refunding a transaction that took place today (it didn't Settle yet).
When voiding a transaction, you can only void the full amount of the order.
If you need to credit back a portion of the order, wait a day until the payment settles, then issue a refund.
What's wrong with the AUTH_CAPTURE transaction type
The Authorize + Capture transaction type implements the two operations automatically in one call.
To understand why this transaction type is so risky, you need to understand what happens behind the scenes, when a customer is ready to buy and clicks the "Checkout now" button on your website.
The shopping cart software sends a request to your payment gateway, passing the customer's credit card information, amount to charge and transaction type.
The shopping cart software then waits a few seconds to receive an acknowledgment from the payment gateway, indicating the operation completed successfully.
Now, consider something happens along the way and for some reason, the confirmation never comes back. It could be a network issue, timeout, bug or any number of things.
In case your shopping cart software doesn't receive the confirmation back, it assumes the payment did not complete. It is however possible that the payment completed successfully, customer charged, but a timeout occurred before the confirmation message was sent.
While not common, these cases easily lead to duplicate charges (customer will try to place an order again), with the shopping cart system showing a single charge and the customer's credit card statement showing he was charged twice.
To avoid this, always run an authorization first, save the authorization code and then run a capture.
Even if a timeout error occurs, the user will never be double charged. Attempting to capture funds twice using the same authorization code, is not possible.
How SoftwareProjects is using transaction types
When capturing payments:
We always use an Authorization transaction type, followed by a Capture transaction.
You can configure the authorization amount to be higher than the captured amount, to accommodate business models similar to the hotel example.
Note: If your payment gateway is setup to send you email notifications on each action, you will probably see two separate emails per each charge. This is normal. You'll notice the transaction ID in the two emails is the same.
We recommend turning off your payment gateway email notifications and using the shopping cart daily report as a way of keeping track of how well your business is doing.
When issuing refunds:
The system automatically picks a Void or Refund transaction type depending on whether the order was placed today or at an earlier date.
 |
Raj, 07-05-2011 |
Hi Mike,
Thanks for sharing this info. I am working on the integration of a payment gateway and it really helped me.
It would be helpful if you can provide answer for below query.
- When you do a Auth + Capture and then Refund, the Refund takes sometime (e.g. 7 to 14 days) to re-credit the amount to card holder's account. What happens in case of VOID transactions? Does it re-credit the amount the same day or it takes same time as a Refund transaction?
Thanks,
Raj
Thanks for sharing this info. I am working on the integration of a payment gateway and it really helped me.
It would be helpful if you can provide answer for below query.
- When you do a Auth + Capture and then Refund, the Refund takes sometime (e.g. 7 to 14 days) to re-credit the amount to card holder's account. What happens in case of VOID transactions? Does it re-credit the amount the same day or it takes same time as a Refund transaction?
Thanks,
Raj
 |
Daniel, 02-20-2012 |
Thanks for a great article.
 |
Arkadia, 01-22-2013 |
Thank you!! I finally have a viable idea for why my store is getting so many duplicate orders. Very well explained and so useful!
 |
Raj Vujji, 05-20-2015 |
I am working on my own eCom website. This info is very useful... Thanks a lot
 |
Mir, 10-10-2016 |
Thanks. A really cool article. And if possible make your own newsletter and add our email there.
 |
joe b, 03-01-2017 |
A really cool article
|
|
Subscribe Now to receive new posts via Email as soon as they come out.
Comments
Post your comments
