.svg){kind=icon}
Card issuer rejection is a frustrating experience for both the merchant and the customer. The payment doesn’t go through, yet the merchant is still charged for the attempt (to cover the cost of the communication technology and fraud checks). The result is a payment decline.
It’s often a result of a customer not having enough funds in their account, but it could also be a sign of attempted payment fraud. That’s one of the main reasons card issuer rejection is important and beneficial: it’s designed to prevent a fund transfer that should not take place.
Card issuer rejection is designed to protect all parties, which is why it’s vital to both in-person and online card payment processing.
In this article, we’ll explain the different types of card issuer rejection, and strategies for dealing with it as a merchant.
What does card issuer rejection mean?
When a customer submits a payment, the card issuer runs certain checks to see if the account is valid, contains sufficient funds, and there is no reason to suspect fraud. If the issuer detects a problem, it blocks the payment. This is known as card issuer rejection, and it leads to a payment decline.
You’ll see from the diagram below that the card scheme (also known as the card network or card brand) sends the transaction request to the issuer to request payment authorization. The issuer then delivers a response of payment accepted or payment rejected, which is passed back to the merchant.
If the issuer detects a problem with the payment request, you’ll receive a response code alerting you that the transaction can’t be processed. Depending on your payment services provider, you may or may not receive a reason for the rejection. You can retry the payment, although you should not do so in all circumstances (we’ll explain more on this, below).
You’ll come across two main types of card decline as a result of card issuer rejection: soft declines and hard declines.
Read more: Bank response codes
Soft decline vs. hard decline
A soft decline means there is a problem with the payment, but it may be temporary, and you can change something to help the payment succeed if retried. A hard decline indicates a serious problem and the payment should not be retried.
Soft declines are by far the most common. Often, they’ll occur because the account contains insufficient funds to cover the transaction. Other times, a soft decline means the issuer would like to see authentication data in the payment request. You can take action to improve the chance a soft decline payment is accepted upon retry. For example, in the event of insufficient funds, you can request partial authorization.
Hard declines occur when the issuer cannot accept the payment request, even if you make adjustments to the transaction message or try again later. This may happen because the account is closed or the issuer has blocked the card (reasons include: the card has been reported lost or stolen or it’s flagged for fraud investigation). To resolve a hard decline, the issuer or cardholder must take action – you cannot resolve it as a merchant.
You should not attempt to retry a payment with the same card if you receive a hard decline, as you’ll face penalties from the card scheme. See more on this in the section “How to manage declined transactions”.
Learn more: Card testing fraud
Why do card issuers decline payments?
We’ve touched on a few of the reasons card payments are declined above. Here we’ll go into a bit more detail about what each means and how you might deal with them.
Incorrect card details
If the customer enters any payment details incorrectly – for example, their name, the card number or the CVV (card verification value) – the card issuer will reject the payment. You can avoid this problem with a technique known as “input masking” which guides the customer to only enter the correct data in each field for an online payment. Modern payment gateway connections such as Flow have this feature built in. It’s very important for increasing conversion at checkout, as it helps to avoid the frustration caused by a payment decline.
Insufficient funds/reached credit limit
Insufficient funds are generally the most common reason for a card decline. The issuer cannot transfer funds that simply aren’t there!
For recurring payments, merchants can avoid this type of card issuer rejection by sending a reminder message to customers the day before their payment is due. In addition, you could use scheduled retries – known as dunning – to attempt payment again in a few days’ time.
If it’s a one-off transaction, then you can simply request the customer retries payment using a different method. You may wish to accept payments via digital wallet, which can include multiple forms of payment as backup in case one or more should fail.
Unusual transaction or suspicion of fraud
Payments that are unusual seem suspicious to the card issuer. If the card issuer is alerted to an odd transaction, they’ll block the payment as a precaution. In many cases, the cardholder is genuine but they’re attempting to pay for something from a new location or for a product or service that doesn’t fit with their normal habits. Often, this will trigger a request for authentication. This means the cardholder may need to take an extra action, such as providing a passcode, face ID or confirmation within an app.
However, it could be that the customer is actually trying to commit fraud, so, as the merchant, you need to be vigilant. Don’t retry a suspicious transaction unless approved to do so by the card issuer.
Lost or stolen card
If the card holder has reported their card as lost or stolen, the issuer will reject the payment. As above, this is to prevent any attempt at fraud. Again, the cardholder could be innocent but may have forgotten to alert their financial institution that they’ve found their lost card. Don’t retry the payment unless you’ve confirmed the customer’s identity.
Expired card
Some cardholders don’t realize that their card has passed its expiry date and is no longer usable. If this happens, you’ll have to ask them to use an alternative means of payment while they renew their card with their issuer. You can avoid this kind of issue with payment tokenization, which automatically updates customer payment credentials if you have them securely stored in a payment vault.
Read more: Card-on-file payments explained
Consequences of issuer declines for merchants
Issuer declines can cause all sorts of problems for merchants, from minor inconvenience if the issue can be quickly resolved to lost revenue if the customer is unable to make a payment. Credit card declines are a top 10 reason for shoppers choosing to abandon their cart during the checkout process, according to research.
But it’s not just a one-off issue.
Rejected payments can also damage merchant-customer relationships and, at their worst, result in the customer choosing not to buy from you again. Indeed, 42% of consumers surveyed report that they’ve been deterred from returning to a website or app following one falsely declined payment.
That’s because, regardless of the reason (and as we’ve seen above, it’s probably because they don’t have enough funds in their account) customers can, in their frustration, blame the merchant.
False declines (when a legitimate card transaction is rejected by mistake) are another big problem. This could be a merchant or card issuer error; either way, four in ten (45%) of consumers refuse to continue with a purchase after a false decline, resulting in a lost payment for the merchant.
How to manage declined transactions
If you experience a soft decline while trying to make a payment, you should do what you can to try and resolve the issue. Depending on the exact situation, you may be able to retry the payment. Checkout.com Recommendation Codes provide guidance on which payments to retry or not retry.
The cardholder may simply need to provide authentication via their payment app or contact their card issuer to resolve the issue. In certain cases, the issuer declines the transaction because of suspected fraudulent activity. The tricky part here is whether the transaction attempt is accurately flagged as fraudulent or not. We’ll go into more detail on that, below.
For in person payments, you will receive an alert and code that explains the issue, you can communicate it to the cardholder and they can try and sort it out. Sometimes, the error code might only say that there has been an issue without any information about what it is. In this case, you should check for connectivity issues, and then ask the customer if they would like to retry payment.
If the customer is trying to make an online (card-not-present) transaction, you can set up automation so that if you receive a soft-decline, it triggers an on-screen message to the customer. The message should explain why the transaction was declined, and let your customer know exactly what to do next. Depending on which device the customer is using to make the purchase, you may be able to collect data from the session to provide additional security information to the issuer (such as the IP address and device ID) to reduce the chances of a payment request decline.
However, if the payment cannot be made via the original method, the best way to avoid an abandoned purchase is to offer your customers as many different payment methods as possible. That way you maximize your chances of a successful purchase.
Whatever the issue, providing an excellent customer experience is critical to avoid damaging the customer-merchant relationship.
Checkout.com has an automated soft-decline retry feature for merchants that’s designed for Strong Customer Authentication (SCA) soft declines in the European Economic Area (EEA) and the UK. It’s automatically enabled for all affected payments.
When a non-3D Secure (3DS) payment is declined, Checkout.com automatically upgrades the payment to 3DS with a link that enables the cardholder to authorize the payment. Find out more about flexible 3DS authentication and learn how you can avoid failed payments.
