Open authorization rules have changed in the last 18 months, so how merchants handled transactions in the past may not be the same today. Because the changes involve a string of ‘messages’ that previously were non-existent, there has been some difficulty in upgrading all the elements to communicate with each other, between different parties. Imagine the myriad of ways that merchants communicate – software, terminals, gateways etc. A standard message string has to be established and then everyone’s systems updated to use that string. A merchant needs three elements in sync to optimally manage a transaction:
- The credit card processor or acquirer. Not all processors support all types of transactions to date.
- The payment gateway, if applicable. Not all gateways support all types of transactions to date.
- The merchant terminal programming. may or may not support however, system updates are expected to continue.
- Consumers – They benefit by open authorizations are not unnecessarily held on their cards.
- Merchant- ‘penalty’ fee if they leave an open auth
- Merchant- higher interchange if the transaction clears for an amount different than the original authorization
- Merchant- B2B companies are impacted if they auth on order, but ship later, or split shipments based on availability
- Processor/ acquirer-
- Software developers- every shopping cart and application has the potential
It’s also important to recognize is that if you settle a transaction for an amount different than the original transaction, a higher interchange rate will apply.
“Nullification of an authorized transaction (sale) that has not been settled. If supported by the card issuer, a reversal will immediately “undo” an authorization and return it to the open-to-buy balance on a cardholder’s account. Some card issuers do not support reversals.” Source Wikipedia
A credit reversal is different than a void. A void will cancel the transaction, but leave an open authorization. So if a cashier makes a mistake and voids a transaction, but then runs through again, there consumer will have 2 auths on their card, UNLESS the cashier completes a force to bring up the prior authorization.
MasterCard Authorization Reversal Requirements
With this release, MasterCard is expanding the existing authorization reversal and clearing mandate to state all acquirers must clear or reverse all authorized Debit MasterCard, Maestro, and MasterCard- branded transactions for all MCCs, except for the following:
• MCCs 3351–3441 (Car Rental Agencies) • MCCs 3501–3999 (Lodging–Hotels, Motels, Resorts) • MCC 4411 (Cruise Lines) • MCC 7011 (Lodging–Hotels, Motels, Resorts—not elsewhere classified) • MCC 7512 (Automobile Rental Agency—not elsewhere classified)
A processing integrity fee will be billed to acquirers in the U.S. region for account ranges branded as MasterCard, Maestro or Debit MasterCard (including prepaid) and whose authorizations are either not cleared or reversed (full or partial) in accordance with the following timeframes:
• Reversed within 24 hours of the original Authorization Request/0100 message in a card present environment or
• Reversed within 72 hours of the original Authorization Request/0100 message in a card-not-present environment
• The processing integrity fee will apply when instances such as the following are true:
• The cardholder cancels or chooses not to complete all or part of the transaction
• The authorization was submitted in error (for example, a duplicate request)
• All or a portion of the goods or services could not be provided (for example, out-of- stock items)
• The final transaction amount was less than the authorized amount
Source: First Data 2011
The new rules apply to both MasterCard and Discover. When this was first announced, it was quickly apparent that virtually no one could support it. Even if gateways could be modified, the processors had no transaction language to make it to occur. Therefore, merchants essentially were put into a situation where the authorization is automatically released, and they pay the penalty integrity fee. Since that time, support has expanded for full authorization reversal, but partial auth reversal is still limited, largely due to processor limitations, not gateways.