So I was ordering some uniform for my kids nursery last night and the website showed my card as declined (it gets delivered to the nursery and i didn’t hit he button saying use different billing address so the data sent was initally the nursery address as my billing address hence the decline)
However what actually happened is the money was taken, then refunded I then corrected the address and had the card transaction again but it looks a right mess now in the feed. Why didn’t it simply decline? Why did it do this process?
I have and she basically said that happens sometimes usually due to a timeout but I know what it was as my address was 100% wrong so assumidly it came back as a fraud or whatever but it’s weird it immediately refunded
This a happens due to the way address verification happens when your payment is being authorised.
We receive a message from the merchant telling us “we’d like to take £5 from this card, would you approve it?”, along with a range of other information. One piece of information that is included is parts of the billing address you enter on the website.
Our reply is a yes / no answer, but also includes various other pieces of information, like whether we were able to match the address to the one on your account. In this case we have approved the payment, but told the merchant that the address didn’t match.
The merchant then can decide based on their own risk appetite whether to proceed with the transaction. If they decide not to, like in this case, they send us another message telling us they’d like to reverse it.
I appreciate the response and now understand why this would happen however I think that could be way improved in the feed since the authorisation decision hasn’t been fully processed then I still feel a decline “not matching address” feed item would be far more helpful and appropriate.
In fact a note under a transaction that was approved without a matching address should probably be noted as well as that seems like an odd transaction to approve at all
The “authorisation” here is really Monzo saying “All we can tell you is that the card details are correct, and there are sufficient funds in the account. Proceed at your own risk.”
If you then query the transaction with the bank and say “that wasn’t me” Monzo will claim the money back from the merchant.
Keep in mind that a billing address isn’t required at all for many transactions anyway, thus making address verification optional.
But why? It’s the merchant’s decision to take the risk or not, isn’t it?
Keep in mind that address matching isn’t a precise science: Particularly if I get a payment card from abroad I should expect some address mismatch, because addresses are formatted differently in different countries, and my “order form” may not match what the customer is used to, or what the card issuer uses.
And, again, not all online purchases require providing an address, so it’s entirely up to the merchant to decide whether it’s worth the risk or not.
Most of us are probably not really aware of this, but the bank’s authorisation is really only the first out of a number of checks that most merchants will take into account when deciding whether to accept a card for payment or not (especially online). There is, for example, this stuff where the payment network returns a risk indicator to the merchant together with the auth message, and leaves it up to the merchant to decide which risk level they want to accept.
Here are two fictional examples I can think of at the opposite end of the scale:
I sell high value physical goods online. In that case, I’d certainly do well to reject transactions with higher risk factors (e.g. address mismatch).
I sell some online subscription to a service I provide. Providing that service to each individual user has little cost, and the service can easily be cancelled if the payment is reversed. I will be willing to take higher risk transactions due to the low financial risk to myself, and I might not even bother asking for someone’s address at all, as it reduces the burden on data protection compliance (I don’t need to bother about data I never held).
I understand the risk is with a merchant but simply put I want even small security checks like this in place to aid in the prevention of my card being used by someone else.
If the address completely and utterly doesn’t match then yes, I want to say to my bank “please do not authorise this as it may not be me”. If it is me then I will reenter the correct address after the first decline.
No I just value my money whether it’s £5 or £500. A merchant might be happy to take a risk but I am not.
If the option for separate billing is not there then fair enough (though I haven’t seen many) , but where it does exist I would expect my bank to put safeguards in place as basic as making sure my details match what has been entered.
Not all merchants offer separate fields for delivery and billing addresses. Also billing address can be used for invoice address so can be different to cardholder address.
I may have a card with a London cardholder address, have invoices go to an address in Herefordshire, and delivery go to an address in Essex. I would not want my transaction to fail. This is where MasterCard SecureCode comes in. I can type in my password or letters from it to prove it is me. No need for silly address verification, which often fails on formatting issues.
Sounds more like a business, which Monzo does not cater for.
Also I have never once had Secure Code pop up for Monzo. So I don’t understand that point. If it did, I still think that your account details should match.
