When you run a customer’s credit card or mobile payment method through your point-of-sale terminal to process a payment, it might seem like not much is happening while you wait, but in fact a complex process is taking place where a series of parties—including your payment processor, the credit card brand, and the customer’s bank—determine whether the customer has the available funds and if there is any risk of fraud. If everything looks good, the transaction gets approved and you move on to the next customer. But what about when the card isn’t approved for some reason?
If a card is declined, your best option is to ask for another form of payment, whether it's a different credit card, a form of mobile pay, or cash. After all, there's probably a good reason the card was declined. What you don't want to do is get conned into completing the transaction with a forced-sale credit card transaction, or a “force authorization code.”
What is a force authorization code?
A force authorization, also known as an offline transaction, is designed for those times when your payment terminal can't connect to the network to obtain authorization. Done correctly, the process entails you calling SpotOn directly (or whomever your payment processor is if you are not partnered with SpotOn) to get assistance. We'll walk you through the process of doing a voice authorization, whereupon you will get a force authorization code to type into your payment terminal to process the force authorization.
When done properly, the process is perfectly safe. There is a loophole, though.
Watch out for this scam
Due to the nature of force authorization, you can actually type any random number into your payment terminal as a force authorization code and it will push the force authorization through. Savvy con artists have figured this out and come up with a variety of clever ways to convince businesses to complete fraudulent force authorizations.
The most common scam involves a customer walking in and attempting to make an expensive purchase. When their credit card is denied, they will pretend to be upset and call their bank on their mobile phone. They then hand you the phone and the person on the line, pretending to be from the bank, gives you a fake authorization code.
If you fall for it and perform the force authorization, the con artist walks out the door with whatever they purchased and you'll never get paid for it. One woman conned retailers out of $500,000 with this scam back in 2014 before getting caught and imprisoned!
Best practices to avoid force authorization scams
To make sure you don’t get scammed, always follow these best practices when accepting credit card payments:
- NEVER hand your payment hardware to customers to complete the transaction themselves or take instructions from customers on how to force authorize a transaction.
- Ask for a different form of payment. If a credit card transaction is declined, ask for a different form of payment, whether it’s cash, mobile pay, or a different card. Both modern restaurant point-of-sale systems and small business payment terminals should accept multiple payment types, and they're all secure.
- Call SpotOn. If the customer insists on trying to complete the purchase on a card that has been denied, call us directly and we will assist you personally. We will be able to determine why the card has been denied. If a force authorization is appropriate, we will help you with the voice authorization process.
- Run the card again. If the customer wants to contact their bank themselves (say, for example, to inform their bank they are travelling and are out of town), encourage them to do so, and then run their credit card through your payment terminal again. If it’s approved, great. If not, insist on another form of payment.