Five reasons why card payments are declined and how to fight back

Various studies put the level of declined card payments anywhere between 5-10%. For recurring payments — think subscriptions, installments, monthly bills — this tends to be higher, and even higher again for global acquiring.

It’s not all bad news, of course. Credit card declines can benefit merchants, preventing fraudulent payments being the obvious example. But declines also represent lost revenue, the marketing cost of creating the sales opportunity again, and the admin cost of chasing overdue payments. Not to mention that 44% of consumers will give up a purchase with a merchant when experiencing a decline.

The first step to improve your payment success rate is to understand why payments are declined. In this article, we look at some of the main reasons why a card payment may fail — and offer some solutions on what you can do about each.

Lack of funds or hold on the card

It seems rather obvious, but if your customer doesn’t have enough funds in their bank account, or has reached their credit limit, then there’s no money available to transfer. Whereas merchants can’t be responsible for their customers’ spending habits, there are steps you can take to wrestle more control.

Solutions: failed payment notifications and alternative payment options

Speed of communication is critical. Triggering a message to your customer in real-time while they’re still in purchasing mode makes them more likely to retry straight away. Another idea is to provide customers the ability to spread out the cost of their payment using Buy-Now-Pay-Later (BNPL) options like that offered by Klarna. In the UK, over 9.5 million consumers say they'll avoid buying from retailers that don’t provide BNPL as a payment method.

But what about a recurring payment, where the customer is not aware — though they have given permission — that a payment is being attempted? The answer here is to use data to ‘learn’ the optimum time to schedule the payment for success. Patterns in income and spending can reveal this — for example, it may be wise to avoid the day before a salary lands or after a mortgage payment.

Checkout.com offers a subscription payment processing service that prioritizes both security and user-friendliness. By leveraging our solution, you can effectively handle recurring payments, leading to improved management and customer satisfaction.

Read how Emina Zahirovic, Head of Payments for North America at HelloFresh, uses data to optimize payment acceptance.

Unverified customer

Merchants should see customer authentication as a positive. It helps ensure fraudsters aren’t using a card illegally, with the chargeback penalties to a merchant that can ensue. But authentication can also generate false positives — that is to say, the system fails to identify a genuine payer. With the introduction of Strong Customer Authentication (SCA) in Europe and harsher penalties for non-compliance, merchants are increasingly erring on the side of caution and the presumption of fraud.

Solution: 3DS2

The emergence of 3D Secure 2.0 brings a level of automation and accuracy to the payer authentication process. The new protocols allow for the exchange of over 100 data points between the merchant and the payer’s card issuer to assess the probability that the payer is genuine.

One-time passwords (OTP), biometric authentication such as fingerprints or facial recognition, and QR codes for mobile applications bring a further level of relatively frictionless authentication. Adopting 3DS2 shifts the burden of proof to the strong probability of fraud and so facilitates more genuine payments that may have otherwise been stopped.

Checkout.com is now 3DS 2.3.1 certified by EMVCo, the technical body that manages and promotes secure payment networks. The certification has allowed us to further enhance our payments and fraud prevention capabilities, helping our clients reduce cart abandonment and customer friction while improving payment performance.

Learn more about Checkout.com's authentication solution.

Fraud triggers

It’s not just an unauthenticated customer that can stop a payment in its tracks. Fraud alerts can also be triggered by suspicious activity, such as anomalies in purchasing patterns, bulk buying, or transacting from an unfamiliar device or IP address. Banks carry the risk and so tend to be over-cautious — for every $1 in fraudulent online payments, $25 of genuine online payments are falsely declined. But merchants are not entirely without influence in these decisions.

Solution: business prioritization

Bank fraud algorithms are complex, but they basically boil down to probability. The two key factors they look at are the volume of transactions and the percentage of payment success. So the key is to improve payment acceptance over time while increasing transaction volumes. The latter is largely a function of sales and marketing. But your payment strategy should have a say. Counter-intuitively, it may be that your business is better off generating fewer transactions (for a period) and concentrate instead on ensuring more of them go through successfully.

Working with a payment provider that gives you a granular level of payments data can help identify those issuers declining payments most often. Your PSP can then reach out to those issuers, either directly or through the schemes, to uncover the reasons those payments are getting declined and resolve the problem.

Canceled or expired card

The problem of payments being declined because of ‘old’ cards is a particular issue for businesses with a recurring revenue model. Often the customer inputs their card details once and then gives the merchant permission to take future payments using the same card. Success relies on that specific card being in use; or the customer remembering to update their payment details with the merchant.  

Solution: Network tokenization

Not so long ago, prompting customers that their card was soon to expire, or had expired, was the only way for merchants to tackle the challenge of old cards. The arrival of ‘tokenization’ has changed that.

In tokenization, the customer's card is replaced with a series of randomly-generated numbers — the “token” —  supplied by the card issuer. Unlike cards, tokens have no expiry date, and therefore eradicate the risk of involuntary churn. The higher security level with tokens also serves to combat fraud and improves payment success rates.

Checkout.com empowers businesses by equipping them with the necessary software to generate PCI tokens, thereby enabling payment tokenization. Moreover, we offer the flexibility to seamlessly integrate PCI tokenization into your comprehensive payments strategy.

Cross-border transactions

Businesses with international ambitions will find that the banking ecosystem is not as orderly as they may like. Often ‘middle’ banks need to become involved between the acquiring and issuing banks; currency exchange may add yet another party to the chain, and a dislocated landscape of different systems, regulations and fraud rules needs to be overcome. All of this adds extra steps and pitfalls to the smooth processing of a payment.

Solution: intelligent payment routing

Transacting locally will go some way to shortening the chain and lowering the hurdles. But opening a business bank account in every country you trade in comes at a cost. Most governments will require you to have a legal entity in the country, which can be an arduous exercise. One answer is to work with a platform that does all the compliance and regulatory leg work for you.

But increasingly, merchants are adopting intelligent routing instead. Traditionally the flow of money between banks follows a 9-digit number associated with the banks. Think of it as a postal zip code. But when that route becomes congested by different banking systems, regulations and fraud triggers, as examples, the transaction needs an alternative way through. Intelligent routing works by ‘routing’ the payment request through a third-party platform with access to a broader network of banks. The platform identifies the most efficient route between all the available banks, and crucially the most likely to accept the transaction. If it gets it wrong, the payment is submitted to the next likely bank in the list until the payment request is accepted and processed.

Of course, intelligent routing is not just a fix for cross-border transactions. Anywhere there is the potential for a payment to be declined, an intelligent routing solution can benefit.

Checkout.com’s new Intelligent Acceptance product can help you with payment routing, including deciding which payment network to route the payment down. At the pre-processing stage, this increases conversion rates by ensuring the payment rail with the highest chance of acceptance is used. Intelligent Acceptance also makes use of machine learning for continual optimization, and network tokens, which disguise a card’s primary account number (PAN), to maximize security.

Incorrect payment information

Cardholders can sometimes supply incorrect details - for example, the wrong billing address - that don’t match the information that the bank has on file for that card. This could be a genuine mistake or attempted fraud. Either way, if there is an address mismatch, the bank will communicate this information to you so that you can decide whether or not to accept or decline the payment. A merchant may still decide to go ahead with the payment, even if there is an inconsistency in the payment information, depending on their risk appetite. It may simply be that there are multiple ways to format the address and the customer is otherwise low risk.

Solution: Address Verification Service (AVS)

AVS is a tool that merchants can use to authenticate online customers during card-not-present transactions. It’s offered by Mastercard, Visa, Discover, and American Express, though it only applies if the cardholder’s address is the US, Canada, or the UK.

An AVS check simply compares the numeric values of the address supplied by the customer when making a purchase to the address the issuing bank has on file for that cardholder. The bank uses response codes to inform the merchant of the result, which could signify: a full match, a partial match, no match, the card is international, or the information is unavailable. Every card network uses different codes. You can then use this information to make an informed decision on how to route the transaction.

It’s important to note that not all AVS mismatches are fraudulent, and, likewise, not all AVS matches are legitimate. AVS alone should not be used to verify a customer’s identity. However, it is useful as part of a comprehensive anti-fraud strategy.

How Checkout.com can help you with card payment declines

In every case, data is the key. Firstly, data can tell you how many payments are ending in failure and segment this picture by geography, sales channel, product line and other filters, so you know where to pinpoint your efforts. More data will tell you the reason for a payment failure, and therefore the appropriate remedy. As we have previously looked at, payment data is increasingly part of the solution too, be it to drive smart algorithms, validate identification, or trigger customer alerts.

Once you accept the importance of fighting payment declines and the role of data in that strategy, the next question is how. This is all highly complex stuff, and going it alone can end up sucking more budget than if you had just sat back and accepted the costs of failed payments. Equally important is understanding the trade-offs at play; improved authentication measures may create more friction in the payment experience, for example.

For many businesses, the answer is to select the right Payment Service Provider (PSP) that is large enough to address payment success within your broader payments ecosystem.

‍