Skip to main content

Auth Optimization

On this page
Prerequisites

Before optimizing auth rates, ensure you have:

  • Access to processor dashboard with auth rate and decline code visibility
  • Understanding of payments metrics and your current baseline
  • Familiarity with 3DS concepts (impacts auth rate)
  • Knowledge of your transaction types (CIT vs MIT, recurring vs one-time)
Is This Section for You?

Under $100K/month? Focus on picking a good processor and monitoring your auth rate. The optimizations below (network tokens, retry logic, 3DS exemptions) have real implementation cost and won't pay back until you're processing more volume. Check your baseline auth rate in your processor dashboard. If it's above 90%, you're fine for now.

$100K-$500K/month? Start with retry logic and 3DS exemptions. Network tokens are worth exploring.

Over $500K/month? All of this applies. Every 1% improvement is meaningful revenue.

TL;DR
  • Baseline first: CNP e-commerce averages 85-90%, best-in-class hits 95%+. Know yours before optimizing
  • Network tokens: +2-5% auth lift; tokenized credentials outperform raw PANs with issuers
  • Retry logic: Soft declines (51, 91) = retry in 3-5 days; hard declines (41, 43, 54) = never retry
  • 3DS exemptions: Request TRA, low-value, recurring exemptions where you qualify
  • Flag correctly: MIT vs. CIT matters. Wrong flags = higher declines

Your auth rate is revenue. Every 1% improvement in approval rate is 1% more money. Most SMBs don't know their auth rate. When asked, they guess high.

Reality: CNP e-commerce averages 85-90% auth rates. Best-in-class hits 95%+. The gap between those numbers is real money you're not collecting.

What Matters

  1. Know your auth rate. Can't fix what you don't measure.
  2. Network tokens lift approval 2-5%. Tokenized credentials perform better with issuers.
  3. Retry logic matters. Wrong retries burn issuer trust. Right retries recover revenue.
  4. 3DS is a lever, not just compliance. Used well, it improves auth. Used badly, it kills conversion.
  5. Issuer declines have patterns. Learn your top decline reasons and fix the fixable ones.

Auth Optimization Topics

🔧
Optimization Tactics
Network tokens, retry logic, 3DS optimization, transaction flags
📈
Increase Auth Rates Playbook
Step-by-step guide to improving approval rates

Know Your Auth Rate

Before optimizing, baseline.

How to Calculate

Auth Rate = Approved Transactions / Total Attempted Transactions × 100

What's Normal

Business TypeTypical Auth RateBest-in-Class
E-commerce (US domestic)85-90%95%+
Subscription (initial)80-85%90%+
Subscription (recurring)90-95%97%+
Card-present (CP)98-99%99%+
International CNP75-85%90%+

If you're below "typical," there's low-hanging fruit.

Where to Find It

Check your processor dashboard. Look for:

  • "Authorization rate" or "Approval rate"
  • Filter by: card brand, card type, geography, transaction type
Ask Your Dev

"Where can I see our overall auth rate? Can I filter by card brand and geography?"

Quick Reference: Decline Types

TypeExamplesAction
Soft declineInsufficient funds (51), Issuer unavailable (91)Retry in 3-5 days
Hard declineLost card (41), Stolen (43), Expired (54)Do not retry
AmbiguousDo not honor (05)Try once more, then stop

See Optimization Tactics for detailed handling.

Scale Callout

VolumeFocus
Under $100k/moKnow your auth rate. Ensure basic retry logic is sane. Enable 3DS for high-risk only.
$100k-$1M/moMonthly decline code analysis. 3DS exemption strategy. Network token migration.
Over $1M/moIssuer-level optimization. Dedicated auth rate monitoring. A/B test 3DS strategies. Multiple processor routing for auth lift.

Where This Breaks

  1. International transactions. Cross-border declines are structurally higher. Local acquiring helps but adds complexity.

  2. High-risk MCCs. Some industries have elevated decline rates regardless of optimization. Issuers are more conservative.

  3. New merchants without history. Issuers trust merchants with track records. New accounts face higher decline rates until they build history.

Analyst Layer: Metrics to Track

MetricWhat It Tells YouTarget
Overall auth rateBaseline healthOver 90% US domestic CNP
Auth rate by card brandNetwork-specific issuesVisa/MC should be similar
Auth rate by geographyCross-border frictionDomestic > international
Soft vs. hard decline ratioRetry opportunitySoft should be over 50% of declines
Retry success rateRetry logic effectivenessOver 20% of soft declines recovered
3DS challenge rateFriction levelUnder 20% of 3DS transactions challenged
3DS conversion rateChallenge completionOver 80% complete challenge

Trend Over Snapshot

Auth rate fluctuates. Track weekly trend, not daily snapshot.

A 0.5% week-over-week decline is a signal. A 0.5% daily swing is noise.

Next Steps

Just starting auth optimization?

  1. Pull your current auth rate from your processor dashboard → Baseline before optimizing
  2. Identify your top 5 decline codes → Focus fixes on highest-impact issues
  3. Check if you're using network tokens → If not, migrate stored cards to tokens

Ready to improve?

  1. Review optimization tactics → Network tokens, retry logic, 3DS
  2. Follow the increase auth rates playbook → Step-by-step optimization
  3. Implement smart retry logic → Recover soft declines without burning issuer trust

Already optimizing?

  1. Set up weekly auth rate monitoring → Track trends, not snapshots
  2. Segment by card brand and geography → Find specific weak spots
  3. Consider multi-processor routing → Route to best-performing processor by issuer

See Also

Last updated on