Payment decline codes can be confusing and common. The 05 "Do Not Honor" response can account for 10% to 60% of your declined payments. But what does it mean, and what can you do about it? Unfortunately, there's no simple answer. However, our experience in analyzing authorization rates, partnering with card schemes, and building our own issuing bank has given us some insights.
The anatomy of a card refusal
When you process a customer’s card payment, your acquirer sends the payment request via the card schemes (Visa/Mastercard) to your customer’s issuing bank. The bank then evaluates the data it’s received and makes a decision on whether or not to approve the transaction.When processing a customer's card payment, your acquirer sends the payment request through card schemes like Visa or Mastercard to the customer's issuing bank. The bank then reviews the data and decides whether to approve the transaction.
Most transactions are approved, but there are times when the issuer declines the transaction. This decline is communicated through a two or three-character response code sent back to you. Often, your payment service provider (PSP) will provide a translation of this code to help you understand the reason.
This entire process occurs while your customer is waiting for approval. It's crucial to have a plan for handling declines, tailored to the specific code received.
05 Do Not Honor: The original decline response
The "05 Do Not Honor" code means the customer's issuing bank refuses to authorize the transaction. In the past, banks used this code for every decline reason, from insufficient funds to suspected fraud or canceled cards. This could account for up to 60% of your declined payments.
Recently, card networks like Mastercard and Visa have worked to improve visibility into the reasons for declines. This is beneficial because it provides more information to manage reattempts, improve customer interactions, and increase conversions. As part of this effort, Mastercard and Visa have set limits on the use of the "Do Not Honor" response by issuers, so you may have noticed a greater variety of decline responses.
51 Insufficient funds
As the name suggests, "51 Insufficient Funds" indicates that a customer doesn’t have enough funds in their account to complete the purchase. This is the most common decline response and can be particularly challenging for card-on-file "subscription businesses" that can't prompt customers to use an alternative payment method.
While you can’t do much if a customer doesn’t have enough money in their account, you can improve your chances by strategically timing your retries.
Optimize your billing around paydays
For subscription businesses, it's tempting to use the initial payment day as the reference for future billing. However, this might result in billing just before payday when accounts are low. Paydays vary by country; for example, people in the UK are usually paid at the end of the month, while in the US, they are often paid bi-weekly. By analyzing transaction success rates in different markets, you can make data-driven decisions about the best billing times.
Evaluate your checkout experience
For non-subscription payments, consider the message customers receive when they encounter an insufficient funds decline. A poorly handled message can lose the customer, while a well-crafted one can save the sale. Best practice is to suggest an alternative payment method.
Use partial authorizations
Partial authorizations, offered by Mastercard and Visa, allow you to collect the available balance in a customer's account and then guide them to use another payment method. This is commonly used for in-person payments, electric vehicle charging, and automated fuel dispenser payments but can also be applied to ecommerce or subscription payments to reduce insufficient funds issues.
Leverage network response information (Mastercard)
Sometimes, acquirers receive additional information from Mastercard indicating when to retry a "51 Insufficient Funds" decline. Your PSP should provide this as part of the Mastercard Merchant Advice Codes, helping you optimize your retry strategy.
Recent customer activity
You’re probably not the only business with which your customer’s interacting. They might have just made a large purchase on a high-risk website, or been on a huge shopping spree at 3am. In this case, it doesn’t matter how you format your approval request. The issuer may decide to decline your payment request as a byproduct of your customer’s activity elsewhere.
In most cases, a decline attributed to recent customer activity can simply be retried at a different time. It helps to be transparent to your customer; explain the reason the payment failed and suggest follow-up action. This, of course, will depend on the decline code:
Exceeds Withdrawal Amount Limit: Linked to a cumulative spend limit on your customer’s card, it usually means they’ve exceeded their pre-agreed spend limit that day.
Exceeds Withdrawal Frequency Limit: Your customer has exceeded their transaction limit for the day.
In both cases, the best approach is to let them know the issue and recommend they contact their card issuer. Don’t attempt a retry on the same day.
Data errors
Sometimes transactions fail because of an issue with the data that’s sent to the issuer. For example, an address verification service (AVS) or card verification value (CVV) mismatch. Or the lack of 3DS2 authentication performed on a transaction in scope of PSD2. The key with these is to find the data point that’s triggering the decline and then retry the transaction with the correct information.
CVV failure
The CVV2 or CVC2 is the three digit code on your customer’s card. If the code doesn’t match the one the issuer has on file, the transaction will be declined. It can even occur with in-person payments if the terminal has issues reading the CVV code embedded into the chip.
In many cases this is still returned as a 05 Do Not Honor but Visa uses a dedicated N7 Decline for CVV2 failure.
Keep a close eye on the codes in combination with the CVV results provided by your PSP. If these indicate a CVV failure, prompt your customer to enter their card details again or re-initiate the payment at the terminal.
Address verification service (AVS) mismatch
AVS compares the address data provided at checkout to the one on the card issuer’s database and is especially common in the UK and the US.
AVS mismatches usually have an accompanying AVS response code indicating if the issue was with the post or zip code, street address, or both.
In the event of an AVS mismatch decline, prompt the customer to re-enter their address details.
Authentication required (soft decline)
1A Authentication Required and 65 Authentication Required decline codes occur when a transaction is rejected due to the lack of authentication. This is referred to as a ‘soft decline’ and is usually returned by issuers that are bound to enforce strong customer authentication (SCA), for example in the EEA due to PSD2.
The retry strategy for a soft decline is to authenticate the customer and retry the transaction.
In the cases when your customer is not in-session (such as a subscription), you’ll need to bring your cardholder back to authenticate again.
Tools such as Pay By Link, sent via email, are handy in these scenarios.
Expired and closed card accounts
This occurs when a card has expired or been canceled. These can be painful, especially if you process subscription payments and your customer isn’t in-session.
The way to recover these transactions is to retry with the customer’s up-to-date card details. Account Updater and network tokenization services can help reduce these types of declines by ensuring you always have the right card details on file in the first place.
Format errors
12 Invalid Transaction and 30 Format Error indicate there’s something wrong with the transaction data received by the issuer.
Don’t retry this transaction. Instead, ask the customer to provide an alternative payment method.
Restrictions on card usage
57 Transaction Not Permitted and 62 Restricted Card decline codes occur when that specific card can’t be used. This can happen if the card is restricted by geography or channel (i.e. only in the US or in-person payments only).
Inform the customer of the restriction and recommend they contact their bank to have it removed. Only when this has been done, should you retry the transaction.
Technical outages
Sometimes a payment fails because of a temporary outage in the system. In this case, a 96 System malfunction or 91 Issuer Unavailable or 05 Do Not Honor code might be issued.
In this instance, payments can be retried automatically. But this comes with a health warning:
Repeatedly retrying failed transactions can lead to issues with the card networks. You may make incremental gains by retrying over long periods of time, but the success rate inevitably decreases. The best approach is to see what you can save while staying compliant with the card networks.
Suspected Fraud
All issuers will have fraud detection systems to identify suspicious activity and they naturally tend to err on the side of caution. Unfortunately, they also have no way of communicating to you why they refused the transaction beyond issuing a Suspected Fraud decline code.
In addition to declining the transaction, the issuer is also likely to put a (usually temporary) block on the card. In that case, the best approach is to ask the customer to contact their bank. These days, this can be as simple as clicking on a button in their banking app. We don’t recommend retrying until the bank has been contacted and the card unblocked.
Policy/Lifecycle declines
If you take a look at the decline response codes you’ve received over the last few years, you might see the numbers of 82 Policy, 79 Lifecycle, and 83 Fraud/Security now exceed 05 Do Not Honor. These codes are specific to Mastercard and can be explained by the Mastercard Merchant Advice Code (MAC), which should be shared by your PSP.
MAC = 01 is generally associated with a 83 Fraud/Security decline and means that new account information is available (i.e. because the card has expired or been canceled). Again, Account Updater or network tokens can help mitigate this before needing to contact the customer for a different card.
MAC = 02 is generally associated with a 82 Policy and indicates there’s issue is due to customer activity. Wait 72 hours before retrying to allow for counters/limits on the card to be resolved.
MAC = 03 is generally associated with a 79 Lifecycle decline and means the transaction can’t be retried. In this case, contact your customer and request an alternative payment method.
Combat Do Not Honor (and other card refusals) with Adyen
Processing payments for the likes of Uber and Spotify has taught us a lot about optimization. And, since all payments across all channels and regions are processed on the same platform, we have a wealth of data, which we feed into our machine learning algorithms. The result is a suite of smart tools, which work in the background to determine the best way to achieve an approval, while blocking fraud. Learn more about our payment optimization suite RevenueAccelerate or click below to get in touch.
Get in touch to learn more
We’d love the opportunity to explore how we can maximize your card approvals. Click here to get started.
Fresh insights, straight to your inbox
By submitting your information you confirm that you have read Adyen's Privacy Policy and agree to the use of your data in all Adyen communications.