All News

Why online payments fail and how to avoid it?

Merchants and their clients experience online payments failing everyday. It is mutually annoying. Buyers spend time and effort to enter their payment details, for the payment just to be declined. When it happens, buyers have a second chance to re-think their buying decision. Let’s face it, no merchant wants their clients to think twice about purchasing. Also, when a payment fails it might damage the reputation of an ecommerce site and repel users to buy again.

Understanding why payments fail is the key to knowing how to avoid it. Payments might always continue to fail, but as an ecommerce business owner you must take additional measures to reduce transaction fail rates to the minimum.

Payment processing explained

Buyer fills payment details. Seconds later payment is in the merchant’s bank account. Even though the transaction usually happens in seconds, the process itself is complicated. To understand why online payments fail, let’s briefly look at the transaction process.

When a client decides to purchase something online and fills in payment details – payment journey begins. The transaction data then will have to travel through all the roleplayers for the payment to be successful. 

  1. Merchant’s website picks up a signal that a user wants to make a purchase. 
  2. The payment data goes to the merchant’s payment processor. 
  3. If everything is legit, payment request is sent further – to the acquiring bank. 
  4. An acquiring bank forwards it to schemes. It is a body that sets rules and technical standards for the execution of payment transactions using the underlying payment systems. For example, in the card transaction case – card associations. 
  5. Scheme then submits a transaction to the issuing bank for authorisation. 
  6. Issuing bank checks whether a buyer has enough funds to make a purchase.

Why do online payments fail?

Virtually, there are two types of payment failures – due to technological and security reasons. The transaction is quick and invisible, but the process is rather difficult. It is easy for a payment request to just go through all the roleplayers in the process. What makes it difficult – at every step, every roleplayer checks the data for security reasons. Not to mention technological barriers.

I will explain why each roleplayer in the transaction journey might be interested in “failing” the payment due to security or the reasons for technological payment errors.

Security reasons

Online payment roleplayers, security wise can be unofficially split into two: the ones who ask and the ones who check.

Merchant, buyer and acquiring bank are usually only interested in asking for payments to be approved. They hold less liability for payment legitimacy because they are the earners of the transaction. However, the transaction directly affects only the merchant and buyer, so payments usually fail exactly due to these two roleplayers. Other participants of transaction journey are usually legitimate legal persons, that already have history in transacting payments. Merchant and buyer are the ones who are being thoroughly checked throughout this journey. If red flags are picked up from one or another – the transaction will be declined. Other roleplayers are there to establish a safe, quick and equal payment journey.

Payment service providers (PSP) are supervised by scheme networks for only legitimate transactions for legitimate merchants to go through. These financial institutions hold liability for transparency and security during the transaction. PSP can identify potential fraud and protect merchants and buyers from loss. They are liable to process only legitimate transactions to protect the interests of merchants, buyers and scheme networks.

Acquiring banks and issuing banks are responsible for accordingly – acquire or issue payments. They might also decline the transaction, because protecting their clients’ rights and money is in their best interest. Even though every roleplayer in the transaction process might approve the payment request, banks have the “last laugh”. Due to their internal policies, they might decline the payment if they think that this transaction is illegitimate. In addition, if they check whether their client is liable to accept that payment. For example, a merchant or a buyer might be exposed to restrictions that would interfere with a smooth payment process.

Every player in the transaction journey has security requirements they have to meet to ensure a secure and equal payment environment for everyone. Payments usually fail when a transaction does not correspond to at least one of these requirements.

Technological errors

As I already mentioned, the payment journey is a rather complicated process. With a significant amount of players involved, technical errors might occur.

When a payment is being processed we rely for each player to be technologically available. If atleast one player is down – it will result in payment failing. This is how system downtime can negatively affect buying experience for merchants and buyers. Banks, schemes and PSPs are usually established businesses that invest a lot of time and effort to create reliable systems so that system downtime would never occur. Financial institutions need to be available 24/7 as payments happen any time.

You might also want to include human errors in this category. Many of us mistakenly put O instead of a 0 when typing in our card details. Or perhaps made a typo when typing in their name. This is a type of technological error that is caused by human errors. The data typed in has to be exact or else the payment will fail. Payment systems are not as smart to assume that there was a simple typo. Good news is that when such errors occur, buyers are quick to realize it and the error is shown right away, so they can correct their mistake immediately.

Merchants might also be liable for technical errors occurring. Seemingly correct integration of PSP might still sometimes trigger an error. This usually occurs in custom system builds. Such integration is the hardest and easiest to make a simple mistake that might result in payments failures. It comes with a cost of full customization possibilities. Good news – the payment service provider itself should be able to help you. Nowadays most people use e-commerce platforms (rather than custom builds of their website), making correct integration even easier via modules. If payments on your website goes through, there is no reason to re-check the validity of your integration. However, if you notice payments failing, you might want to check for technological errors caused by your website.

What to do when payments fail?

As a merchant, you should check the payment failure details and identify the player responsible for the error. Then contact that roleplayer responsible for payment failure. Most payment service providers have their own set of response codes for when payment is not authorized successfully. Every code should identify the reason for payment failure. Even though codes vary from provider to provider, the reasons are usually the same.

Reason stated with the response code might not be enough for you to fully understand why the payment has been declined. For example, you might get an error of “invalid merchant”. Reason itself is not enough to identify the problem. In this case, invalid merchant might mean that the issuing bank does not want to do business with the merchant or their website (for example, based on MCC or simply the issuer’s own acceptance policy). To get closure of why exactly you were declined, you should contact the issuing bank and find out the real reason. Also, ask for what you can do for payments to go through.

Most payment failures are fixable. You might need to edit one thing or another and everything will run smoothly again. Failures that happen due to human error are harder to fix. For example, a response code with a name of “N7 (Visa), decline, CVV2 failure” implies that a buyer failed to successfully type in a correct CVV2 code. There is little you can do, but remind him to try again. Although note that, if the same customer has made even a few failed attempts, it is possible that he/she is not a legitimate cardholder. Such an unusual occurrence is an alert to a payment service provider and a merchant that a payment might be exposed to fraudulent activity. I guess sometimes it is good that payments fail.

Tracking your business’ transaction response codes is a key to realizing why you fail to make a sale at the top of the sales funnel. A person actually attempted to pay for your product or service, but the sale did not happen. If a merchant is able to regularly keep track of response codes and reasons of payment failures, this can help them identify and solve problems of their clients’ conversion rates. These codes should be able to tell you the reason why buyers drop-off. Identifying these reasons is a key to solving them and solving them is a key to increased sales.

Tips to avoid payments failing

Choosing a payment service provider

Technological errors are less common than security issues for payments failing. Usual players in the payment process strive to have a technologically reliable system. As a merchant, technological errors are best avoided when choosing a PSP. When choosing your payment service provider, you should think not only about a price friendly solution, but also about the reliability of that provider. Also, do your research about the support quality. Fact is, payments may eventually fail, your best bet is to choose a PSP that will be quick and responsive to your request for help.

Having multiple providers and payment methods

In addition to avoiding technical issues, I would suggest using multiple providers. Most merchants know that having multiple payment methods is a key to lower checkout drop rates. In such a case, a buyer can choose the most convenient payment method for him. If a buyer experiences a payment failure, say via bank transfer, they might be willing to try another payment method. Also, as a merchant you might prompt them that their online payment has failed and to offer an alternative of paying for your services or products. Any time payments fail, it is a reputation damaging experience to merchants and an annoying situation to their customers. Using this method, you do not really avoid payment failure, rather – you work around it.

As an online business owner, you can also integrate multiple payment service providers for the same payment methods. For instance, your credit and debit card payments provider faces technical issues or system downtime. Every second they are not available to process your payments is a loss to your business. You can avoid such loss by having another online credit and debit card payments provider integrated. In that case, you could switch while your primary provider is having difficulties. Having a plan B is beneficial in almost any life scenario.

Ensuring security by your own

As mentioned above, online payments tend to fail due to not meeting security requirements. While banks and providers are mostly responsible for ensuring safe payment experience, as a merchant you too can help the secure payment environment.

For example, implementing 3D secure 2.0. Due to new regulations, most PSPs and merchants will have to comply with Strong customer authentication (SCA) requirements. These new regulations should implement new levels of security while providing customer friendly checkout experience.

In order to accept payments on your website, your website will need to be SSL certificate compliant. While processing payments it is very important to protect data privacy of every stakeholder in the payments journey in order to avoid scammers and fraudulent activity. SSL certificate is a piece of code that keeps customer’s information safe while it passes between the roleplayers. If your site does not yet have a SSL certificate, I strongly advise you to implement it if you ever think about accepting payments or doing any kind of business online.

Choosing a secure payment service provider

Experiencing payment failures due to payment service providers’ fault is a loss no merchant wants to experience. That is why choosing a PSP that can securely process your payments is also a big step in preventing payment failures.

Choosing security over speed and price is something I recommend to every merchant – big or small. Less profit is better than no profit at all. Good thing is that the security of a payment service provider is something that is very easy to check. Check whether a provider is PCI DSS Level 1 compliant. If a PSP complies to these sets of requirements it means that their payments processed has top level of data security. When choosing a payment service provider, check whether they comply with PCI DSS Level 1.

In conclusion…

Online payments is a set of complicated processes that, sadly, tend to fail. But it is no exception to real-life payments. Even paying with cash can result in a failure, as a cash register can sometimes get jammed. So online payments are not failure-proof. As a merchant, you can do a set of precautions to reduce payment failures rate to the possible minimum. Working on the security of your website and technological reliability is a key to having payments processed successfully. You are not alone in this as other stakeholders are as much interested in ensuring a smooth payment experience between merchants and their customers. Contact your payment service provider or bank and get assistance of proofing your business from online payment failures.

I’m marketing manager at Cardinity. I strive in empowering payment experiences for online merchants. Everyday Cardinity works towards improving online payment environment for e-commerce businesses. I am happy to contribute by writing educational articles about online payments and consulting every merchant (from small to big) for their payments’ needs. Feel free to contact me or connect via LinkedIn