Monzo Auth Codes

I’ve noticed unlike my legacy card my monzo card always has a auth code thats letters apart from at a couple of merchants where its numbers like a legacy banks card.

Village Shop via a payzone card machine gives a number auth code
B&M Bargains gives a number auth code
Tesco Pay At Pump gives a number code
Asda Pay at Pump also gives a number code

It’s interesting more than anything else

Where can you see the authorisation code? Are they printed on receipts?

Yes, only noticed it after pulling a load out of my cars ashtray.

This is a very interesting one. The payment specifications say that an auth code can contain letters or numbers, however basically every bank have just used numbers until Monzo came along to shake up the industry per se.

Because some merchants did not comply with the rules of accepting these new types of authorisation codes the transactions would decline. I believe Monzo has a whitelist of places now where the processor will only generate numbered transactions to prevent any problems but of course can only do so when enough people complain about it and they cotton on that this is the reason its declining.

I was unable to get a SIM only contract from 3 because of this a long time ago as they had an instore verification system that couldn’t accept letter authorisation codes.

tl;dr: Monzo uses letters in auth codes except in places they’re aware it will cause problems.

I see alphanumeric on mine

Monzo have always used alphanumeric auth codes as the specifications allow. They are one of the only banks to do so, the norm is just to use numeric auth codes. As a result of deviating from the norm, albeit keeping to the specification, Monzo cards see more issues relating to unexpected auth codes than other banks.

1 Like

The payment processors need to expect all valid Auth codes regardless of how common.

Monzo uses alphanumeric auth codes for almost all transactions, except for some acquirers, where we use numeric auth codes. Some acquirers will rewrite alphanumeric auth codes to numeric ones, causing issues for things like matching Flux receipts. For this reason we’ll use numeric auth codes instead in these cases. In general alphanumeric auth codes are preferable because they provide more entropy, making it easier to uniquely identify a transaction from its auth code.


Are they allowed to do this, strictly speaking?

1 Like

This topic was automatically closed 180 days after the last reply. New replies are no longer allowed.