This is the process of the card issuer (like Visa or Mastercard) verifying payment details and reserving the funds to capture it later.

In ecommerce, in-app and point-of-sale payments, authorisation is implemented as an API call to the payment gateway. The gateway and payment processor then perform required validation and risk checks, and ask a corresponding card network to authorise this payment from an issuer to an acquirer. In Adyen API the term "authorisation" is used.

When a payment was authorised but hasn't been captured yet, a merchant can also decide to cancel it for some reason (like a high risk of fraud).

Note that authorisation is valid only for a limited amount of time. In case an authorised payment hasn't been captured or cancelled, it expires after the predefined deadline is missed.