Payments can fail for a variety of reasons, from incorrect card information to suspicion of fraud. In fact, there are dozens of decline codes, each one representing a different reason a payment can be declined. While declines help you filter out fraudulent transactions, they can also result in the loss of legitimate payments, hurting your bottom line and your customer experience.
Online businesses face unique challenges when managing card declines. The authorisation rate – the percentage of transactions that you submit and are accepted by the cardholder’s bank – can be 10% lower for online transactions compared to in person. Issuing banks use more conservative logic to approve or deny an online transaction because of the increased risk of fraud, even if it’s a legitimate sale. This causes you to not only lose that particular sale, but can also lead to losing all future sales from that customer. In previous studies, Stripe has found that when high-value customers experience a decline, they transact less frequently in the future and may even move to a competitor.
While there is no way to eliminate network declines completely, this guide will help you understand how to reduce the number of legitimate payments that fail. You’ll learn about the different types of declines, how to improve your authorisation rate and how Stripe can help.
We’ve also put together a list of the most common industry terms related to declines and authorisation, so if you’re unfamiliar with any phrases in this guide, please refer to the glossary.
Understanding network declines
When a customer completes a purchase on your site, your payment provider takes the charge details and sends them through the card networks, such as Visa, Mastercard or China UnionPay, to the issuing bank (the customer’s bank) as a payment request.
This request includes details, such as the cardholder’s address, your business category and transaction amount, encoded into a message referred to as an ISO 8583. Issuing banks use complex logic to decide when to decline charges: there are 128 fields in the ISO 8583 message, and each issuing bank can choose how to interpret and combine them.
Network declines, also referred to as issuer declined charges, mean that the customer’s bank has declined the transaction request. Transactions are typically declined for one of the following reasons: there are insufficient funds available on the card, the card information is wrong or outdated, or there’s suspicion of fraud or incorrect behaviour (for example, if an issuing bank thinks a lost or stolen card is being used). Issuer outages and lack of card authentication can also contribute to failed payments.
Many transactions are categorised as generic declines, showing a "05: Do not honour" decline code. "Do not honour" could mean anything from insufficient funds to multiple denied payments in a row.
Issuing banks use "Do not honour" for a variety of reasons. Their systems may not be set up to return informative decline codes: for example, some banks classify nearly all declines as "Do not honour". Or they may purposely hide the specific reason for the decline, such as if they are investigating a pattern of fraud and have decided not to publicly identify a transaction as suspicious.
How to manage network declines
Managing declines is challenging, especially when you don’t know the specific reason for the failed payment. As a result, many businesses don’t retry declined transactions. Others retry too often, making the situation worse and increasing costs.
A better approach is to customize your strategy based on the type of decline code and the specific issuing bank. For example, you can optimize your chances of successfully saving a failed transaction by targeting the specific reason for that decline, rather than applying a blanket strategy to all declines. Some businesses even add an additional layer of customer segmentation, changing their strategy based on the decline code and the lifetime value of the cardholder.
There are a number of factors that lead to declined transactions, like your business location, business model, customer mix, and more. Here are some best practices that most businesses can use to manage declines, based on the three most common categories for declined transactions.
Stripe can also help you automatically manage declines—learn more in the “How to increase authorization rates” section.
Insufficient funds: Prompt your customer for another payment method or obtain authorization to retry the transaction at a later date, when the original payment method is more likely to have adequate funds. If your customers are in the US, you could ask to rerun the charge on the first or 15th of the month (when many Americans get paid). If you run a subscription business, Stripe’s Smart Retries can help you recover more revenue by retrying payments when they have the best chance of success, based on signals from the Stripe network.
Inaccurate or outdated card information: If charges from first-time customers are declined due to inaccurate card details, it’s likely that they simply made a mistake when entering their card information, so reach out and ask them to re-enter it. If transactions are declined using cards you have on file, the card information is likely outdated. Ask your customers to update their credentials and ensure that your payment provider or processor offers a card account updater, network tokenization, or a similar service to automatically update your customers’ expired or renewed card numbers.
Suspicion of fraud: Rather than risk retrying a fraudulent transaction, make sure you have fraud prevention and management tools in place to help detect and block illegitimate charges. These tools can provide additional details about the customer and transaction that prove they are legitimate, giving you more confidence on whether to retry the charge.
Keep in mind that card networks impose restrictions on how many times you can retry a transaction. For example, many card networks only allow 4 to 6 retries within a 15-day window.
How to increase authorisation rates
Having a perfect authorisation rate – with zero declines – is nearly impossible, especially if you process substantial payment volume. However, if you closely monitor your authorisation rates, you'll be able to notice if and when network declines spike and take appropriate action. Even small improvements can have a big impact: some large businesses have increased their authorisation rate by just 0.5% and captured millions of dollars in additional revenue each year.
There are a number of things you can do to increase your authorisation rate, including:
Collect and submit additional billing information: Make sure that you're including as much information as possible in the charge requests, which gives the banks more details to verify legitimate transactions. In particular, passing the ZIP code or postcode and CVC can help improve authorisation rates for businesses in the US and UK.
Optimise your payment flows: If your business schedules services for a future date, determine when you will charge the customer and how much. Let's say you own a car rental company and customers schedule a rental for one month away. Will you charge them at the time of booking or once the rental is complete? Will you place a £10 or £100 hold on their payment method? A £10 hold is more likely to go through, but if the rental costs more than £10, you could risk not collecting the full payment later. The optimal payment flow is a balance between customer experience, conversion rate and costs, which will look different for every business.
Keep your fraud rates low: Businesses with high chargeback rates – the number of customers who dispute a payment with their bank – tend to see more declines. We recommend that you use a machine learning fraud solution such as Radar for Fraud Teams, which lets you choose how aggressively you want to block suspicious payments depending on your appetite for risk, write custom rules and get advanced fraud signals.
Accept digital wallets: Apple Pay and Google Pay lead to higher acceptance rates thanks to two-factor authentication, where customers enter a password or biometric ID.
Enable card account updater: Make sure that your payments provider or processor offers card account updater, which automatically updates your customers' expired or renewed card numbers and reduces declines. Postmates experienced a 1.72% uplift from card account updater, leading to US$60 million in revenue.
Enable network tokens: Network tokens are payment credentials that are specific to a card-merchant pair that can substitute PANs for online purchases. Network tokens help deliver higher authorisation rates by ensuring that the latest credential is used for your payments – if the underlying PAN associated with a network token changes or expires, the token will remain up to date and usable. This reduces the number of charges declined due to outdated credentials, increasing authorisation rates. Network tokens can also help reduce your network costs for users on custom interchange pricing by leveraging tokenised incentives from card networks. Learn more about how network tokens work.
Authenticate payments when required: If your customer's bank supports 3D Secure, you may have to authenticate certain payments (such as requiring customers to use their fingerprint or enter a password). With Stripe's Payment Intents API, we automatically claim SCA exemptions when possible and maximise conversion by only requesting authentication when absolutely necessary.
Set up local Stripe accounts: Create new, local Stripe accounts as you expand globally. New countries leverage the same Stripe API infrastructure and can be turned on with no incremental engineering work. Using locally optimised acquiring services helps you maximise acceptance rates (because banks are often more likely to approve domestic payments) and removes foreign and cross-border fees for customers.
These best practices also apply if you have a recurring revenue business, where you charge your customers on a regular basis or use stored payment information. However, there are some additional ways that you can improve authorisation rates that are specific for recurring or subscription businesses:
Automate customer outreach: When you only have a handful of failed payments a month, it's easy to call or email each customer and ask them to remedy the situation (whether that's by using a new payment method or updating payment information). However, as your business grows and you have to manage hundreds of customers with declined payments, this approach becomes less manageable. A more scalable way to communicate with your customers is to send automated failed payment emails whenever a payment is declined.
Experiment with retry cadence: Many businesses retry failed transactions on a set schedule, such as every seven days (this process is known as dunning). Experiment with different cadences to learn what is most effective for your business or find a payments provider that automates the dunning process and allows you to adapt it based on your customers' preferences.
Create different payment plans: If your business receives a lot of declines due to insufficient funds, consider creating more flexibility in how you charge customers. For example, if you only offer an annual plan, consider creating a monthly or quarterly plan to help customers better manage their cash flow.
How Stripe can help
Stripe's solutions have generated billions in additional revenue for businesses by helping prevent legitimate charges from being declined. Stripe's payments infrastructure is highly available, helping prevent declines due to processor downtimes. If processor downtime does occur, Stripe can dynamically route payments to the best connections. For example, Stripe automatically shifts volume when Visa's US data centres go down for maintenance. Stripe is also directly integrated with six major global card networks, reducing potential system errors from handoffs between systems and allowing us to gather better data on any given transaction outcome.
Stripe offers five features you can use to increase authorisation rates: Enhanced Issuer Network, Adaptive Acceptance, Smart Retries, card account updater and network tokens.
Enhanced Issuer Network
Stripe's Enhanced Issuer Network is a set of partnerships with major US card issuers and networks. Stripe shares fraud scores from Radar, its fraud prevention solution, through an encrypted pathway with Capital One and Discover to help fight fraud. This helps mitigate checkout frustration for customers and improve payment authorisation models.
Issuers already operate their own fraud detection models, yet they only have partial information about a transaction, which reduces their accuracy in determining whether to approve or deny it. Using Radar fraud scores for transactions in tandem with the information the issuer already has leads to more accurate fraud determinations.
Stripe users automatically benefit from the Enhanced Issuer Network, seeing an average 8% reduction in fraud and an improvement of 1-2% authorisation rate uplift on volume processed from Capital One and Discover.
Stripe's Adaptive Acceptance uses machine learning models to selectively retry payments declined by the issuers in real time, before a response is returned to the customer. Stripe dynamically adjusts different factors in the payment request to increase the chances of acceptance, running dozens of experiments with different issuing banks at the same time to understand which treatment is most likely to result in a successful payment – within milliseconds. For example, let's say some customers in the UK quickly type their postcode in all lowercase, with no spaces, into a checkout form. Stripe would notice this pattern and test a variety of variations to find out if a certain postcode format gets better authorisation rates than others. By running these tests with different issuers at the same time, the machine learning models learn which treatment is most effective for which bank.
With recurring revenue businesses, if you get a decline at the beginning of the billing cycle, there’s still time to recoup the sale. Many businesses will retry failed transactions later, which is referred to as dunning. Most approaches to dunning use a very basic time-based logic, such as waiting for seven days, then retrying. Wait seven more days, retry – and so on. At Stripe, we’ve built a more sophisticated approach, called Smart Retries, using machine learning and the vast information we see across the Stripe network. For example, we look at issuer behavior (such as when the issuing banks change their review thresholds), check for card updates, and analyse activity across Stripe to see if the payment method is being used successfully. Stripe then uses this information to choose the optimal times to retry failed payments attempts, in order to increase the chance of successfully paying an invoice.
Card account updater
Transactions can continue to be processed with saved payment details even if the physical card has been replaced by the issuing bank, which often results in declines. Stripe works with card networks and automatically attempts to update saved card details whenever a customer receives a new card or in real time when a transaction takes place with the new card (e.g. replacing an expired card or one that was reported lost or stolen). This offering allows your customers to continue using your service without interruption, reduces the need for you to collect new card details whenever a card is replaced and decreases the chances of declines.
Automatic card updates are widely supported in the United States, allowing Stripe to automatically update most American Express, Visa, Mastercard and Discover cards. International support varies from country to country.
Using these techniques, Stripe has generated billions in additional revenue for businesses by dynamically preventing legitimate charges from being declined.
Network tokens are a card network solution that can substitute primary account numbers (PANs) for online purchases. Network tokens are unique to an individual user. Stripe works with payment networks to tokenise a user's repository of PANs into network tokens and maintains them so they stay up to date, even if the underlying card data changes. For example, if a customer lost their card, Stripe would be notified by the network and update the token directly so it would continue to work without the customer having to update their payment information. Stripe's network tokens solution works out of the box for all businesses using Stripe Payments, meaning you can benefit from increased authorisation rates without any integration work. Network tokens work in tandem with other Stripe optimisations to further boost authorisation rates.
The percentage of transactions that you submit and are accepted by the card networks.
Card account updater
Works with all major card networks to update your customers’ expired or renewed card numbers automatically to reduce failed payments.
Process transactions between merchants and issuers and control where credit cards can be accepted. They also control the network costs. Examples include Visa, Mastercard and American Express.
A number (such as "05") or phrase (such as "expired_card") that indicates the reason for a declined transaction.
Do not honour
The most common decline code, "Do not honour" refers to a generic decline. The issuing bank doesn’t explain why the transaction was declined and prompts the customer to contact his or her bank for more information instead.
The process of recovering declined or failed payments for recurring revenue businesses.
Any false or illegal transaction. It typically occurs when someone has stolen a card number or current account data and uses that information to make an unauthorised transaction.
The bank that issues credit and debit cards to consumers on behalf of the card networks.
The percentage of transactions that are accepted or declined by the issuing bank. A decline can occur due to outdated credentials, suspicion of fraud or insufficient funds.
Also referred to as issuer declined, network declines mean that the customer’s bank has declined the transaction request.
A payment credential substitute for a raw PAN that is generated by the card networks and provisioned by Stripe.
Primary account number (PAN)
The 15- or 16-digit numbers found on every credit or debit card.