Card Brands Retry Program

Redirecionando para https://docs.cielo.com.br/ecommerce-cielo-en/reference/card-brands-retry-program-1 ...

The documentation for API Cielo E-commerce is now on a new portal

new e-commerce developers portal for Cielo and Braspag

Access the new E-commerce developers portal at docs.cielo.com.br.

Warning: The content on this page is being discontinued and will not receive updates after 09/16/2024. Please visit the new documentation at docs.cielo.br.


Card Brands Retry Program

What are transaction retries?

When a shopper tries to make a card purchase at your business, a transaction can be declined due to a number of factors. The next attempts to complete the transaction using the same card is called retrying.

Important: Card transactions (both card present or not-present) and Zero Auth (card validation) are also subject to the card brand rules for retrying.

What has changed?

Each card brand defines the amount that will be charged for retrying. The number of times a transaction will be retried also varies by brand.

Are transaction retries allowed in e-commerce?

Card brands define different rules for present and non-present card transactions, like in online sales.

What is the impact for the merchant?

Merchants who do not follow the rules will be penalized by charging fees for exceeded transactions, in accordance with each brand program.

Aiming to improve the shopping experience, the payment methods industry, together with ABECS, promoted the standardization of the response codes for rejected transactions made by card. Attempts are classified as:

It means, for example, that the card was canceled for use, has been lost or stolen, there is confirmed fraud, the transaction is not allowed for that product, indicating that there are no circumstances in which the issuer would grant an approval. Any authorization attempt that has previously received an irreversible refusal without any changes in the message will not be successful.

It means that the issuer can approve, but cannot do so now, possibly due to a system issue (down) or lack of limit, suspected fraud or exceeded number of password attempts. These are temporary opt-out decisions made by the issuer that may change over time.

The Visa, Mastercard and Elo brands adjusted their rules to limit the number of authorization attempts for a denied transaction. These changes provide for the charging of fees for excessive attempts. Below are the rules for each brand.

Mastercard

The Mastercard brand has the Transaction Processing Excellence (TPE) program, which includes two categories:

1. Excessive Attempts

These are charges made when the merchant exceeds the rules for retrying transactions.

The brand also performs monitoring for any approved nominal value authorization, with subsequent reversal for transactions below 1 unit of whole currency or the equivalent of US$ 1.

Monitoring is applied to retry transactions for denied and approved purchases, carried out in a present and non-present card environment.

Excessive Attempts Table

Categories Codes Validity Domestic Rate International Rate When Occurs Retry Allowed
Card present and Card not present Any denial code that is not assigned to MAC 03 and 21. And also MAC codes if you do not respect the “Excessive Attempts” limits Until 01/31/2023 BRL 2.00 - From the 11th retry onwards Retry allowed within 24 hours.
Card present and Card not present Any denial code that is not assigned to MAC 03 and 21. And also the MAC codes if you do not respect the limits of “Excessive Attempts” New rule from 02/01/2023 R $2.00 - From the 8th retry onwards Retry allowed within 24 hours.

Note: The current rule of the Excessive Attempts program is valid until 01/31/2023, where only 10 attempts to approve the same transaction are allowed (on the same card, and same merchant number), with retry allowed after 24 hours.

2. Merchant Advice Code Transaction Excellence (MAC)

These are charges made when the establishment re-attempts to send authorization for irreversible response codes with the same valid card for a card not present.

Within this retry program, there are programs that are specifically designed for the “Do not try this transaction again” scenario. For these cases, Mastercard identifies transactions with the following values: MAC 03 and MAC 21, for example.

The MAC program accepts a few values, however only MACs 03 and 21 have a specific charge. The other MACs do not fall under this MAC 03/21 charge.

The other MAC codes (01, 02, 04, 24, 25, 26, 27, 28, 29, 30, 40 and 41) are not included the MAC billing program but are included in the Excessive Attempts program billing if you exceed the limits.

Since 10/14/2022 Mastercard has introduced new MAC codes 24, 25, 26, 27, 28, 29 and 30, when an issuer declines a transaction with the response code 51 (Insufficient Funds) followed by one of the MACs below, for the merchant to take the best action.

MACs codes table

MAC Description Note
01 New account information available (ABU) Need to update the data of the account being used in the transaction, using the ABU, for example.
02 Cannot be approved at this time, try again later Must retry the transaction after 72 hours or try the transaction with a different payment method.
03 Retry is not allowed Must seek another method of guaranteeing payment, avoiding unnecessary costs of multiple authorization requests that will continue to result in declines
04 Token requirements not met for this model token Need to review the token requirements, as they were not met for the model token sent in the transaction
21 Plan cancelled Customer cancels plan and even after cancellation, the establishment continues to send purchase authorization request.
24 Try again after 1 hour Only valid for response code 51 (Insufficient Funds).
25 Try again after 24 hours Only valid for response code 51 (Insufficient Funds).
26 Try again after 2 days Only valid for response code 51 (Insufficient Funds).
27 Try again after 4 days Only valid for response code 51 (Insufficient Funds).
28 Try again after 6 days Only valid for response code 51 (Insufficient Funds).
29 Try again after 8 days Only valid for response code 51 (Insufficient Funds).
30 Try again after 10 days Only valid for response code 51 (Insufficient Funds)
40 Retry is not allowed Consumers non-reloadable prepaid card.
41 Retry is not allowed Consumers single-use virtual card.

Some return codes will no longer be sent:

Categorization of Mastercard returns

Mastercard may consolidate some issuer response codes, which often may not indicate to the merchant whether or not to retry, into 3 codes for Mastercard exclusive use:

The original codes will be replaced by the Merchant Advice Code (MAC), which will accompany codes 79, 82 and 83 to determine whether or not the transaction can be re-attempted.

For example:

When Then And the response code
The issuer declines the transaction using response code 54 (Expired Card) Mastercard will replace code 54 with code 79 (Lifecycle Decline) Accompany appropriate Merchant Advice Code (MAC)

MAC 03 and MAC 21 retry program

Method of calculation:

Table of values:

Number of retries Rule
As of the 1st attempt BRL 2.50 (two reais and fifty cents) per attempt, as of the 1st

Visa

Visa may allow a certain number of new attempts to approve a transaction depending on the refusal code returned after the first declined attempt.

The goal is to create balance in the transactions ecosystem so to guarantee that both acquirers and merchants provide accurate information about retrying transactions and decrease unnecessary attempts.

Visa demands that issuers present the correct and non-generic codes to make it easier to identify the reason why a transaction was declined.

Visa classifies those codes in reversible and irreversible, both for card present and card not present transactions:

Fess: when the attempts limit for Visa is reached, every excessive attempt will be charged:

* Fees have been charged since April, 2021.

Visa grouped the response codes into four categories:

Issuers must use response codes that reflect more precisely the refusal reason.

Table with rules and refusal codes (action codes) for Visa:

The rules presented in the table below are valid for both sale and Zero Auth transactions:

Category Type Codes Rules
Category 1
Issuer will never approve new attempts
Irreversible 04 - Pick up card
07 - Pick up card, special condition
12 - Invalid transaction
14* - Invalid account number
15 - No such issuer
41 - Lost card, pick up
43 - Stolen card, pick up
46 - Closed account
57 - Transaction not permitted to cardholder
R0 - Stop Payment Order
R1 - Revocation of authorization order
R3 - Revocation of all authorizations order
Fees are charged from the second attempt.
Category 2
Issuer will not approve at the moment; retries allowed
Reversible 03 - Invalid merchant
19 - Re-enter transaction
39** - No credit account
51 - Not sufficient funds
52** - No checking account
53** - No savings account
59 - Suspected fraud
61 - Exceeds approval amount limit
62 - Restricted card (card invalid in this region or country)
65 - Exceeds withdrawal frequency limit
75 - Allowable number of PIN entry tries exceeded
78 - “Blocked, first used”—Transaction from new cardholder, and card not properly unblocked
86 - Cannot verify PIN; for example, no PVV
91 - Issuer or switch inoperative
93 - Transaction cannot be completed - violation of law
96 - System malfunction
N3 - Cash service not available
N4 - Cash request exceeds issuer or approved limit
Z5*** - Valid account, amount not supported
The merchant can retry the same transaction 15 times.
Fees will be charged from the 16th attempt for the same transaction (with the same card, transaction, expiration date, amount and merchant) within a period of 30 consecutive days (from the 1st attempt). After the initial 30 days (from the 1st attempt) any retry of the same transaction will be charged.
Category 3
Data quality
Reversible 54 - Expired card
55 - Incorrect PIN
70 - PIN data required (only Europe)
82 - Negative CAM, dCVV, iCVV, or CVV results
1A - Additional customer authentication required (only Europe)
6P - Verification data failed (cardholder identification dos not correspond to issuer records)
N7 - Decline for CVV2 failure (Visa)
The merchant can retry the same transaction 15 times.
Fees will be charged from the 16th attempt for the same transaction (with the same card, transaction, expiration date, amount and merchant) within a period of 30 consecutive days (from the 1st attempt). After the initial 30 days (from the 1st attempt) any retry of the same transaction will be charged.
Category 4
Generic response codes
Reversible Generic response codes not listed in categories 1,2, or 3 The merchant can retry the same transaction 15 times.
Fees will be charged from the 16th attempt for the same transaction (with the same card, transaction, expiration date, amount and merchant) within a period of 30 consecutive days (from the 1st attempt). After the initial 30 days (from the 1st attempt) any retry of the same transaction will be charged.

* Code 14 will be reclassified from 04/24/24, but remains on category 1.

** Codes 39, 52, and 53 will migrate from category 4 to category 2.

*** Code Z5 is a new code and is in category 2.

Important:
Since April, 2023, the limit for the total of declines for category 3 went from 10,000 to 25,000 declines in a 30-day billing cycle.

Elo

What is it?

This is a program instituted by ELO that generates charges when the merchant exceeds the rules for retrying transactions with the same card.

Forms of Calculation

Table of retries for the Elo brand

The following table exemplifies how the brand will be charged:

Month Scenario Billing
1st (August) EC exceeds limits Warning
2nd (September) EC does not exceed limits Does not generate charges
3rd (October) EC exceeds limits In this case you will be warned again. The charge will only be made in case of recurrence.
4th (November) EC exceeds limits Application of the fine
5th (December) EC exceeds limits Application of the fine
6th (January) EC does not exceed limits Does not generate charges
7th (February) EC exceeds limits You will be warned again.

List of refusal codes:

The response codes below are listed according to the brand’s authorization manual.

CODES DESCRIPTION WHEN THE ISSUER SHOULD USE THE RESPONSE CODE RETRY
4 REDO THE TRANSACTION This code must be used by the Issuer to request that the owner of the card/EC perform the transaction again if the issuer detects failure in capturing the transaction information or if it is necessary to update the password, denying the 1st transaction Reversible
5 GENERICAL The brand may use this code for other dealings (generic). Reversible
6 CONSULT ACQUIRER This reason must be used by the Acquirer when it identifies internal problems that do not require changes in the message for the transaction to follow the correct flow. Reversible
12 CARD ERROR - This code must be used by the Issuer when it identifies a failure in the CAVV validation of 3DS or tokenized transactions.
- This code must be used by the issuer when it identifies an incorrect/invalid service code for cards
- This code must be used by the issuer for problems identified in the token
- This code must be used to deny reversals and reversal notices where the original transaction is not located by the issuer.
Irreversible
13 INVALID TRANSACTION AMOUNT - This code must be used by the issuer when it identifies that the transaction amount is invalid according to the issuer’s parameters. Irreversible
14 INVALID CARD NUMBER - This code must be used by the issuer for invalid/incorrect card number.
- The brand may use this code for other dealings.
Irreversible
19 ACQUIRER PROBLEMS - This code must be used by the acquirer when it identifies internal problems that require changes in the message so that the transaction follows the correct flow. Irreversible
23 INVALID INSTALLMENT AMOUNT - This code must be used by the issuer when the installment amount is outside the limit established. This code must be used when the issuer does not accept the Elo Parcelado Loja product (product 072) with the number of installments less than 12. Irreversible
30 MESSAGE FORMAT ERROR - This code must be used by the issuer when it identifies a format error in the message (mandatory field, domains, formats, size not present or different from the specification). Irreversible
38 PURCHASE/EXCEEDED PASSWORD ATTEMPTS - This code must be used by the issuer when the number of permitted password attempts is exceeded (used only for purchases). Reversible
41 LOST CARD - This code must be used by the issuer for a card with definitive blocking for the reason “LOST”. Irreversible
43 STOLEN CARD - This code must be used by the issuer for a card with definitive blocking for the reason “STOLEN”. Irreversible
51 INSUFFICIENT BALANCE/LIMIT - This code must be used by the issuer for a card that is temporarily without enough balance or limit to carry out the transaction.
- Withdrawal/advance 2 without track 2
- Purchase with change not supported.
- Address verification not supported (only when process code is “13” with no purchase value). * Card account verification not supported (only when process code is “18” with no purchase amount).
Reversible
54 CARD EXPIRATION DATE - This code must be used by the issuer for a physical card or token with validity/expired or invalid. Irreversible
55 INVALID PASSWORD / NOT SENT - This code must be used by the Issuer when the password typed by the customer does not match, it’s invalid/incorrect.
- This code must be used by the issuer when the password is not sent in the message and is required for transaction approval.
Reversible
56 CARD WITHOUT REGISTRATION
1. Card number does not belong to the issuer
2. Card number is not valid
Irreversible
57 TRANSACTION NOT ALLOWED FOR THIS CARD - This code must be used by the Issuer when the card is definitively blocked, except for blocking for loss and theft that already have specific codes (eg death, confirmed fraud, definitive cancellation at the customer’s request , etc).
- This code must be used for products and services not supported by the card issuer.
- This code can be used for invalid/suspended/inactive token.
- This code must be used to negate the fallback input mode.
Irreversible
58 INVALID MERCHANT - This code must be used by the Issuer when the merchant’s MCC is not registered to obtain a token from the Issuer. Irreversible
59 FRAUD SUSPECT - This code must be used by the issuer when prevention rules suspect fraud, requiring contact between the cardholder and the issuer to release the card and carry out a new transaction.
- This code must be entered used by the issuer to deny transactions due to the absence of the travel notice that must be carried out by the cardholder before traveling abroad or in some cases before carrying out transactions on international websites.
Reversible
61 MAXIMUM WITHDRAWAL/PURCHASE VALUE EXCEEDED - This code must be used by the Issuer when the withdrawal/purchase amount exceeds the limit allowed by it. Reversible
62 TEMPORARY BILLING BLOCK - This code must be used by the issuer for cards with temporary billing block. Reversible
63 SECURITY VIOLATION - This code must be used by the Issuer when the card security code (CVE2) is incorrect/invalid or invalid MST (token). Irreversible
64 MINIMUM TRANSACTION AMOUNT - INVALID - This code must be used by the issuer when the transaction amount is below the minimum allowed by the Issuer Irreversible
65 QUALITY OF WITHDRAWALS EXCEEDED - This code must be used by the issuer when the withdrawal quantity limit is exceeded Reversible
75 WITHDRAWAL/ PASSWORD ATTEMPTS EXCEEDED - This code must be used by the Issuer when the number of password attempts stipulated by the Issuer is exceeded (used only for withdrawls) Reversible
76 INVALID OR NON-EXISTENT DESTINATION ACCOUNT - This code must be used by the issuer when the account “PARA” (destination) in BIT 3 is invalid or non-existent and exclusively for Funds Transfer transactions Irreversible
77 INVALID OR NON-EXISTENT ORIGINAL ACCOUNT - This code must be used by the issuer when the “DE” (origin) account in BIT 3 is invalid or non-existent and exclusively for Funds Transfer transactions. Irreversible
78 NEW CARD WITHOUT UNLOCKING / CARD BLOCKED - This code must be used by the issuer when the new card has not yet been unlocked (activated) by the cardholder with the Issuer or when the cardholder, through autonomy, wishes to temporarily block the card through the issuer application. Reversible
82 INVALID CARD (internal data) - This code must be used by the issuer when the card’s internal data does not match (eg invalid cryptogram, invalid ATC etc.) Irreversible
83 IT IS NOT POSSIBLE TO VALIDATE THE PASSWORD - This code must be used by the Issuer and will be used by Elo when it is not possible to validate or decrypt the password. Irreversible
91 ISSUER OUT OF AIR - This code will be used by the brand when the issuer is temporarily unavailable to authorize the transaction or the issuer’s response was not received within the established time. Reversible
96 SYSTEM FAILURE - This code will be used by the brand or the issuer due to problems processing the transaction. Reversible
AB INCORRECT FUNCTION (DEBIT) - This code will be used by the issuer to signal the establishment that it requested authorization in the debit function, but the card does not have this function active. Irreversible
AC INCORRECT FUNCTION (CREDIT) - This code will be used by the Issuer to signal the establishment that he requested authorization in the credit function, but the card does not have this function active. Irreversible
FM USE THE CHIP - This code will be used by the issuer to inform the merchant that the contactless transaction will not be successful and that the cardholder must use the chip (contact). Irreversible
P5 PASSWORD CHANGE / UNLOCKING FAILURE - This code will be used by the issuer when there is a password change or unlocking failure. Irreversible
P6 NEW PASSWORD NOT ACCEPTED - This code will be used by the issuer when the new password chosen by the customer does not meet the minimum criteria established by the Issuer. Reversible

Other brands

Important: you should follow the guidance received in the response to the transaction denied, before making a new attempt.