The credit card issuing and processing industry is a multibillion-dollar industry that has become an intrinsic part of everyday life. A key step in the processing of a credit card payment is to check whether the cardholder has the funds or the credit to pay for a purchase. If a credit card issuer approves a particular transaction, it will generate an authorization code to confirm the payment.
When a client provides a merchant or service provider with her credit card details, these details are encrypted and sent to card issuer as an authorization request through a gateway service provider. The gateway provider deciphers the request and sends it to the appropriate credit card association: Visa, MasterCard, American Express or Discover. The credit card association then filters the request to the issuing bank, which checks the cardholder's account and verifies there are sufficient funds. If the transaction is approved, the bank issues an authorization code and sends it back to the point of sale.
If an authorization request is declined by the credit card issuer, a denial of service message is sent to the point of sale. In this case an authorization code is not generated and the transaction is canceled. A credit card authorization request may be denied for several reasons, such as expiration of the card, insufficient funds, or because it exceeds limits set by the credit card account.
Credit card authorization codes are usually six or seven digits long. The code is generated by combining information held on the credit card and information related to the transaction, such as the location, time and dollar amount. The code allows the transaction to be recorded so it can later be checked or even reversed. The authorization code is usually printed on each receipt. If the point-of-sale device does not have this capability, the code should be written on the sales receipt.
Credit cards also have a code that provides an added level of protection from fraud. This code is printed either at the back, for Visas and MasterCards, or at the front, for American Express cards. Cardholders must provide this code to authorize transactions where there is no face-to-face interaction and identity is harder to prove, such as online or over-the-phone purchases. In theory, only the legal cardholder will have access to the physical card containing the security code required to authorize the transaction.
- Jupiterimages/Polka Dot/Getty Images