Key Features of Visa Authorization Processing
Visa offers a full-featured authorization processing solution, including:
- Choice of Authorization File Types
- Authorization Edit Checks
- Visa Fraud Protection Programs
- Falcon Fraud Manager
- Risk Services Manager
- Visa Advanced Authorization
- Verified by Visa (VbV)
- Card File Maintenance
- Stand-In Processing
- Hot Card/Card Activation Service
Visa DPS makes authorization decisions on behalf of your financial institution using one of the following file types:
- Authorization Processor (AP) Positive File. Upload all cardholder records on the Visa DPS system. Transactions are authorized for any valid card number, without a negative status, on the cardholder file. All decisions are subject to multiple client-defined authorization parameters. Daily dollar limit and velocity checks are available to limit activity and may be set at different levels depending on whether your host is available or unavailable.
- Positive File with Account Balances. This option includes all authorization processing services available with a Positive File. It also checks the cardholder's account balance to make authorization decisions and offers the option of placing a hold on funds until transactions are settled. Account balances are refreshed daily using a batch file transmission from your host system.
- Processor Interface (PI) Negative File. Transactions are authorized for any valid card number that is not on the Negative File and subject to daily dollar limits. In stand in, transactions are authorized for any valid card number that is not on the Negative File with a "hot card" or "blocked" status and has passed pre-defined edit checks such as PIN verification and expiration date checking. Daily dollar limit checks are available to limit activity for all cardholders.
- Exception File. Same as the PI Negative File however, exceptions are made for cardholders that require special limits (e.g., VIPs).
Risk edits and authorization processing options help reduce your fraud exposure. Edit checks may be set at the financial institution, card group, or individual cardholder level. You may set limits separately for cash and POS activity, and timeframes may be set for single-day or multiple-day periods. Authorization edit checks include, but are not limited to:
- Daily spending limits. Monitors dollars spent and cash back.
- Daily cash withdrawal limits. Limits the amount of cash available for daily withdrawal.
- Velocity checks. Monitors the frequency of card use.
- Expiration date checks. Determines if the card is expired and/or checks for an exact expiration date match.
- Name match. Reduces the risk of skimmed and counterfeit cards by comparing the Track 1 names on incoming authorizations to names on file.
- PIN validation. Validates the entered PIN using the PIN offset stored on file.
For even greater card program protection and reduced fraud, these programs validate additional data in the authorization message:
- Cardholder Verification Value (CVV). Validates a unique three-digit code on the magnetic stripe of all cards to detect counterfeit or re-encoded cards.
- Cardholder Verification Value 2 (CVV2). Verifies a unique value, printed on the reverse side of the card, to reduce fraudulent card-not-present transactions.
- Dynamic Cardholder Verification Value (dCVV). Validates a dynamic three-digit code provided by the chip on a contactless card to detect fraud.
- Integrated Circuit Card Verification Value (iCVV). Validates an alternate Card Verification Value that an Issuer may encode on a Chip instead of the standard Card Verification Value contained in the Magnetic Stripe of the Chip Card.
- Address Verification Service (AVS). Enables merchants to confirm a cardholder's billing address to prevent fraud in the card-not-present environment.
- EMV Cryptogram Validation. Validates a dynamic cryptographic set of data from the secure microprocessor chip embedded in the card with transactional data to eliminate counterfeit fraud.
Visa Advanced Authorization is a risk evaluation system that provides real-time risk information in the authorization message for VisaNet-processed authorizations initiated with U.S.-issued Visa cards. Risk information is provided in the form of:
- Risk Scores. Uses predictive fraud models to indicate the probability that the authorization is fraudulent.
- Risk Conditions Codes (RCC). Provides descriptive information for accounts associated with a high-risk compromise event (e.g., a compromised account or an account-generation scheme), as identified across the entire VisaNet® payments system and potentially across multiple issuers.
Once you receive Visa Advanced Authorization's risk information, you are empowered to take appropriate action based on your authorization risk strategies and parameters and/or send the risk information into your current risk management systems such as the Falcon Fraud Manager.
Flexible card file maintenance options enable you to automatically synchronize card information on your host system with Visa—helping to reduce fraud losses and streamline back-office operations. Select one or more of the following maintenance options that work best for your financial institution:
- Client Administrative Tools & Services (CATS). This option provides real-time access to the Visa DPS cardholder file via browser-based application access through a PC at your financial institution. Using CATS for file maintenance, you can inquire or make immediate changes to card and/or account information.
- Online Host. Your host system automatically sends card file maintenance transactions via an online interface from your host system to the Visa processing system whenever your internal customer files are updated. This option provides automatic real-time synchronization without the need to re-enter data into another service application.
- Batch File. Your host system transmits a daily batch file of adds, deletes, and updates to the Visa processing system. If your card maintenance activity is high, you may transmit multiple files per day. Using data from this file, Visa creates a cardholder file that is used for subsequent authorization processing and maintenance.
- Web Services. Your host or web banking system automatically sends card and account file maintenance updates via a web (xml based) services interface to the Visa processing system whenever your internal customer files are updated. This option provides an alternative, automatic, real-time synchronization process that provides more seamless integration to your web banking delivery channel.
- Balance Refresh File. Your host system transmits a daily batch file containing current account balances to the Visa processing system. If your card maintenance activity is high, you may transmit multiple files per day.