On This Page
The various services used to process payments are at the heart of payment processing. These services enable customers to purchase goods and services, merchants receive payments from the customer's accounts, merchants to provide refunds, and merchants to void transactions.

Online Authorizations

Online authorizations provide immediate fund availability confirmations. The customer's financial institution also reduces the amount of credit available in the customer's account, setting aside the authorized funds for the merchant to capture a later time. Authorizations for most payment cards are processed online. Typically, it is safe to start fulfilling the order once you receive an authorization confirmation.
An online authorization confirmation and the subsequent hold on funds will expire after a specific length of time. Thus it is important to capture funds in a timely manner. The issuing bank sets the expiration time interval but most authorizations expire within five to seven days.
The issuing bank does not inform
Cybersource
 when an authorization confirmation expires. By default, the authorization information for each transaction remains in the
Cybersource
 database for 60 days after the authorization date. To capture an authorization that expired with the issuing bank, you can resubmit the authorization request.

Offline Authorizations

Online transactions require an internet connection. In situations where the internet is not available, for example, due to an outage, merchants can continue to take credit card payments using offline transactions. An offline authorization is an authorization request for which you do not receive an immediate confirmation about the availability of funds.
Offline authorizations have a higher level of risk than online transactions because they do not provide fund availability confirmations or set aside the funds for later capture. Further, it can take up to five days to receive payment confirmations for offline transactions. To mitigate this risk, you can choose to only fulfill orders after receiving payment confirmations.

Incremental Authorizations

Incremental authorizations are useful when a customer adds products and services to an initial purchase. After a successful initial authorization, you can request subsequent authorizations and request one capture for the initial authorization and the incremental authorizations.
The incremental authorization service is not the same as the incremental authorization scenario for a merchant-initiated transaction. The incremental authorization service has these limitations:
  • Maximum of 100 incremental authorizations per transaction, in addition to the initial authorization.
  • Interchange optimization is not supported.
  • Split shipments are not supported.

Example

  1. The customer reserves a hotel room for two nights at a cost of 200.00 per night. You request an authorization for 400.00. The authorization request is approved.
  2. The customer orders dinner through room service the first night. You request an incremental authorization of 50.00 for the dinner.
  3. The customer decides to stay an extra night. You request an incremental authorization of 200.00 for the additional night.
  4. The customer uses items from the mini-bar. The cost of the mini-bar items is 50.00. You request an incremental authorization of 50.00.
  5. When the customer checks out, they sign a receipt for 700.00, which is the total of all costs incurred.
  6. You request a capture for 700.00.

Capture Workflow

  1. The merchant sends one or more transaction capture requests to the merchant bank (acquirer).
  2. The merchant bank sends the capture package to the payment network.
  3. The payment network forwards the capture package to correct the customer bank (issuer).
  4. The customer bank settles the transactions and transfers the money to the merchant bank (acquirer).
IMPORTANT
The payment processor does not notify
Cybersource
 that the money has been transferred. To ensure that all captures are processed correctly, you should reconcile your capture requests with the capture reports from your processor.

Sales

A sale is a bundled authorization and capture. Some processors and acquirers require a sale transaction instead of using separate authorization and capture requests. For other processors and acquirers, you can request a sale instead of a separate authorization and capture when you provide the goods or services immediately after taking an order.
There are two types of sale processing: Dual-Message Processing and Single-Message Processing.

Dual Message Processing

Dual message processing, as the name indicates, is a two-step process. The authorization is processed first. If the authorization is successful, the capture is processed immediately afterward. The response includes the authorization and the capture information. If the authorization is declined, the capture is not processed, and the response message only includes the authorization information.

Partial Authorizations

All debit and prepaid card processors as well as a limited number of credit card processors support partial authorizations when using dual message processing.
When partial authorization is enabled, the issuing financial institution can approve a partial amount when the balance on the card is less than the requested amount. When a partial amount is authorized, the capture is not processed. This enables the merchant to use a second card to cover the balance, adjust the total cost, or void the transaction.

Single Message Processing

Single message processing, as the name implies, treats the authorization and capture as a single transaction. There are important differences for single message processing:
  • Single message processing treats the request as a full-financial transaction, and with a successful transaction, funds are immediately transferred from the customer account to the merchant account.
  • Authorization and capture amounts must be the same.
  • Some features cannot be used with single message processing.

Authorization Reversals

An authorization reversal releases the hold that an authorization placed on the customer’s payment card funds.
Each card-issuing financial institution has its own rules for deciding whether an authorization reversal succeeds or fails. When a reversal fails, contact the card-issuing financial institution to learn whether there is a different way to reverse the authorization.
If your processor supports authorization reversal after void (ARAV), you can reverse an authorization after you void the associated capture. If your processor does not support ARAV, you can use the authorization reversal service only for an authorization that has not been captured and settled.
An authorization reversal is a follow-on transaction that uses the request ID returned from an authorization. The main purpose of a follow-on transaction is to link two transactions. The request ID links the follow-on transaction to the original transaction. The authorization request ID is used to look up the customer’s billing and account information in the
Cybersource
 database. You are not required to include those fields in the full authorization reversal request. The original transaction and follow-on transaction are linked in the database and in
the
Business Center
.
For processors that support debit cards and prepaid cards, authorization reversal works for debit cards and prepaid cards in addition to credit cards.
IMPORTANT
You cannot perform an authorization reversal if a transaction is in a review state, which can occur if you use a fraud management service. You must reject the transaction prior to authorization reversal. For more information, see the fraud management documentation in
the
Business Center
.

Capture or Credit Voids

A void cancels a capture or credit request that was submitted, but not yet processed by the processor.
Capture and credit requests are usually submitted once a day, so the window for voiding a capture or credit request is relatively short. A void request is declined when the capture or credit request has already been sent to the processor.
After a void is processed, you cannot credit or capture the funds. You must perform a new transaction to capture or credit the funds. Further, when you void a capture, a hold remains on the authorized funds. If you are not going to re-capture the authorization
and if your processor supports authorization reversal after void,
 you should request an authorization reversal to release the hold on the unused credit card funds.
A void uses the capture or credit request ID to link the transactions. The authorization request ID is used to look up the customer’s billing and account information, thus there is no need to include those fields in the void request. You cannot perform a follow-on credit against a capture that has been voided.