There’s a difference between taking a card payment and reserving an amount on a customer’s card. The latter is referred to as ‘authorisation hold’, ‘preauthorisation’ or ‘preauth’ for short.
Hotels and rental services of cars and other expensive equipment often require a deposit or reassurance that you’ll finance the total cost at the end of the service. A common way to do this is by processing a debit or credit card so that a specified amount is temporarily placed on hold in the customer’s account.
The money is held for a limited time, up to 5-30 days, until either the merchant finalises (‘captures’ or ‘authorises’) the card transaction or the bank returns the amount to the customer’s available balance (for instance, if it times out).
A preauthorisation is a temporary (‘uncaptured’) hold of a payment amount on a customer’s credit or debit card, to be completed (‘captured’) in a future transaction.
While the money is held, the cardholder cannot spend it. The amount is effectively deducted from the total account balance, but in a pending state as the payment is not yet sent (‘settled’) in the merchant’s account. When the time comes for the customer to pay up their bill, the reserved amount is converted into a completed transaction by the merchant.
How it works
A preauthorisation can be processed electronically via a card machine (in person), or via manual entry on a card machine or virtual terminal web page. Certain setups also allow the customer to process their own authorisation hold on a payment page online. Let’s dig into how these methods work.
On a card machine
If the cardholder is seeing you in person, you should follow the steps for contactless or chip and PIN authorisations, as this is more secure and usually cheaper than manually entering card details.
When the customer arrives in person to check in or use your service, you go to the preauthorisation screen on the card machine, enter the deposit amount, then hand the terminal to the customer. The customer’s credit or debit card is swiped, tapped or inserted, followed by PIN entry as a normal transaction.
If you’re talking to the customer on the phone, you may manually enter the card details on the card terminal. If this is allowed by your payment provider, you will need to also comply with PCI-DSS regulations, which dictates the security and confidentiality protocols for handling card details.
In a virtual terminal
A virtual terminal is a web page on which the merchant can enter and process a transaction on behalf of the cardholder. It should be used only while the merchant talks to the customer, as it is not recommended to type and store card details elsewhere like a piece of paper.
Many virtual terminals have the option to choose preauthorisation as the “transaction type”. Once you’ve selected that, just fill in the required amount, card and customer details and click to complete the authorisation hold.
On a web page (for customer)
The customer may complete their own preauthorisation on certain online checkout pages, for example online booking websites.
To set this up, the merchant should check if their ecommerce solution offers this as a checkout option, then follow the steps to implement it.
Takepayments’ pay-by-link solution allows your to send preauth links to clients. Photo: Mobile Transaction
Otherwise, you may be able to send the customer a link over email or text message that goes to a web page with the amount to preauthorise. This is only available from some payment providers with a monthly fee, such as Adyen and Takepayments.
With any of these methods, you should explain to the customer what you are doing and how the preauthorisation works. Otherwise, the cardholder may wonder why there’s a pending amount in their account, what it means and when it will be processed.
You should also avoid processing more than one preauthorisation at a time, since the customer’s account can be blocked if the preauth amount exceeds their expectations and crosses their spending limit.
What is it useful for?
For many car rentals, travel operators and hotel receptions, a preauthorisation is a vital way to avoid the risk of non-payment.
If a customer uses any accommodation, vehicles or other costly services with an open bill to pay at the end of the service, there’s always a risk that the customer incurs damages, uses add-ons (e.g. mini fridge drinks) not originally in the quoted bill or simply lacks the funds.
It is often a requirement for car renters to complete a preauthorisation prior to using the car.
So not only does an authorisation hold guarantee a future expected payment, it can also be used as a deposit to cover potential losses.
There are other advantages too:
Avoid the hassle of refunds: If there’s a problem with a service that the business would need to cover, it is more convenient to release a preauth back to the customer’s account than refund a fully authorised payment. Refunds are notoriously slow to process (can take 2-3 weeks) whereas a cancelled preauthorisation is available to the cardholder within a few days.
Prevent chargebacks: Since preauthorised funds are not a completed transaction yet, the customer cannot dispute it with their bank, which would result in a chargeback and fee for the business. In contrast, if you took a normal card payment upfront for a future service, the customer could dispute it with their bank, for example with the excuse that you didn’t provide the service.
Avoid fraud: If you’re accepting preauthorisations online without a customer interaction, a preauthorisation allows you to check an order, contact the cardholder and cancel the payment if something appears suspicious. In other words, it acts as a buffer during which you can weed out fake from genuine transactions.
How can you get the feature?
Not all card machines or virtual terminals include the option to process a preathorisation. It is something you need to ask your payment provider about, because it’s not necessarily a default function and may require a software update. It’s also more susceptible to fraud, so the payment company may need to assess your business before they add the feature in your account.
Right off the bat, the low-cost Zettle, SumUp and Square solutions don’t offer it, but payment providers like Worldpay, myPOS and Paymentsense do. Most Ingenico and Verifone terminals are able to preauthorise cards (with the right software), whereas cheap card readers almost never do.
Most virtual terminals with a monthly fee are likely to have the feature, including Takepayments’ and PayPal’s, while the free SumUp or Square Virtual Terminal do not.