Authorization Rate
Definition
Authorization rate is the share of payment attempts approved by the issuing bank — the primary metric for payment stack performance.
Authorization rate is the percentage of payment authorization requests that are approved by the issuing bank. Calculated as approved transactions ÷ total authorization attempts. Industry benchmarks: 85–92% for card-not-present e-commerce, 95–99%+ for card-present retail. Below-benchmark authorization rates directly reduce revenue and are a primary lever in payment optimization.
Authorization rate is the metric that determines how much of your addressable payment volume actually converts to revenue. A merchant processing 10,000 transactions per day at an 88% authorization rate loses 1,200 sales before any fraud or decline is intentional.
What Drives Authorization Rate
Declines fall into two categories: soft declines (retriable) and hard declines (terminal).
Soft declines — the majority of declines — are issuer-side decisions that can be resolved:
- Insufficient funds (temporary — retry after payday cycles)
- Do not honour (generic issuer rejection — often retriable with better authentication data)
- Velocity limit exceeded (card used too frequently in a short window)
- Card not enrolled for 3DS (contact issuer)
Hard declines signal permanent rejection:
- Card reported lost or stolen
- Account closed
- Invalid card number
- Fraud suspected (card network or issuer block)
Authorization Rate by Transaction Type
| Transaction type | Typical auth rate | Primary driver |
|---|---|---|
| Card-present (chip/NFC) | 98–99% | Low fraud risk, strong cardholder verification |
| Card-not-present, 3DS authenticated | 90–95% | Liability shifted to issuer reduces declines |
| Card-not-present, no 3DS | 82–89% | Issuer bears fraud risk, applies higher scrutiny |
| Recurring / card-on-file (MIT) | 78–88% | No real-time cardholder authentication; card expiry risk |
| Cross-border (different issuer country) | 75–85% | Issuer unfamiliarity with merchant, FX complexity |
How Merchants Improve Authorization Rates
Network tokenization — replacing PAN with a network token (Visa VTS, Mastercard MDES) improves auth rates by 2–4 percentage points on average. Issuers trust tokenized credentials more than raw PANs because tokens are cryptographically bound to the merchant.
3DS2 frictionless flow — properly authenticated transactions shift liability to the issuer and often receive preferential treatment in the issuer's authorization model.
Account updater — automatically refreshes expired or reissued card credentials before the customer even notices. Critical for subscription merchants where 10–15% of stored cards expire annually.
Retry logic — softcoded declines (soft declines) should be retried with appropriate delay. Immediate retry on a soft decline rarely works; a 24–72 hour wait often does.
PSP routing — different acquirers have different issuer relationships and BIN routing logic. Multi-acquirer strategies can route specific card ranges to the acquirer with the highest historical approval rate for that BIN.
Authorization Rate vs. Approval Rate
These terms are sometimes used interchangeably but are technically distinct:
- Authorization rate = approved / attempted (includes all attempts, including those blocked by your own fraud rules before reaching the network)
- Approval rate = sometimes used to mean authorization rate, sometimes used to mean the rate after your own fraud filters
Always confirm which definition your PSP or acquirer is reporting before benchmarking.
Related terms
Acquirer
An acquirer (or acquiring bank) is a licensed financial institution that process...
Chargeback
A chargeback is a forced reversal of a payment card transaction initiated by a c...
Interchange
Interchange is the fee paid by the acquiring bank (or PSP) to the card-issuing b...
Issuer
An issuer (or issuing bank) is the financial institution that provides payment c...
Strong Customer Authentication (SCA)
Strong Customer Authentication (SCA) is a regulatory requirement under the EU's ...