Authorization declines

Learn about the different types of authorization declines and how to handle them.

At the time of order creation, Digital River submits a request to authorize a charge on the transaction's payment source. Sometimes, however, this authorization request is declined.

Digital River's proprietary solution maximizes billing success with multiple credit card processors. If an authorization attempt fails with the first credit card processor, we may try billing against a different processor.

When Digital River cannot obtain a successful authorization, we return an error that indicates the reason for the decline.

Do not share the error code with the customer. Doing so may aid parties that are attempting to carry out fraudulent activities.

Some common reasons for authorization declines are incorrectly entered credit card numbers, invalid security codes, and insufficient funds. In the event of a hard or soft authorization decline, you maintain responsibility for communicating with the customer and following Digital River's retry policies.

Hard declines vs. soft declines

There are two major types of authorization declines: hard and soft.

Hard declines are permanent authorization failures. In other words, retrying the payment source won't be successful. They are usually due to irreversible events, such as a payment method no longer being valid because the account was closed or the card was stolen. In these cases, you'll need to inform customers that they must either use a different payment method or fix any payment data that was incorrectly entered.

Soft declines, on the other hand, typically occur when the reason for the decline is temporary. They are often due to insufficient funds or an exceeded daily limit. After a soft decline occurs, retrying the payment source may be successful, but there are certain retry policies that you must observe.

Decline codes for merchant-initiated transactions

For merchant-initiated transactions, the following table explains whether the error code you receive indicates a hard or soft decline. When it's a soft decline, follow the retry policies when submitting additional authorization requests.

You can find a complete list of error codes in our API reference documentation.

Error codeDecline type

account_closed

Hard

card_expired

Soft

card_limit_exceeded

Soft

card_type_block

Hard

card_velocity_exceeded

Soft

declined

Hard

do_not_honor

Soft

fraud

Hard

fraud_block

Hard

insufficient_funds

Soft

invalid_address

Hard

invalid_amount

Hard

invalid_card_bin

Hard

invalid_card_number

Hard

invalid_currency

Hard

invalid_expiration_date

Hard

invalid_pin

Hard

invalid_security_code

Hard

invalid_transaction_type

Hard

issuer_invalid_card

Hard

issuer_not_found

Hard

issuer_unavailable

Soft

limit_exceeded

Soft

lost_stolen_card

Hard

mid_limit_exceeded

Soft

no_response

Soft

pin_try_exceeded

Soft

restricted_card

Hard

stop_recurring

Hard

voice_authorization_required

Hard

Retry policies

You must adhere to the following retry policies when resubmitting an authorization request:

  • No more than one authorization attempt per day per subscription

  • No more than four authorization attempts over a 30-day period per subscription

Additionally, we recommend that you do not schedule retries seven days apart. This prevents the requests from falling on the same day of the week, helping you obtain a higher authorization success rate.

Last updated