Adyen runs validations to decide whether to authorise a transaction. For example, we evaluate relayed authorisation and transaction rules, and validate if the transaction complies with scheme rules.
To find out why a payment was refused, check the validation results and refusal reasons. You can find this information in the webhooks that Adyen sends or from your Balance Platform Customer Area.
Validation types
The following are the types of validation that Adyen runs against a transaction.
AccountLookup
Checks if the resources (such as account holder and balance account) exist and are active.
AVS_Address
AVS stands for Address Verification Service. When an address is included in the payment request, we check if the billing address matches the account holder data. This validation fails if the billing address does not match the account holder's address.
AVS_PostalCode
AVS stands for Address Verification Service. When a postal code is included in the payment request, we check if the postal code matches the account holder data. This validation fails if the billing address does not match the account holder's postal code.
BalanceCheck
Checks if the balance account has sufficient available balance to fund the payment amount.
CardAuthentication
Checks if the physical card was authenticated by at least one security factor, such as magstripe or chip-and-pin authentication.
CardholderAuthentication
Checks if the card user authenticated the transaction, such as by providing a CVC or PIN.
CAVV
CAVV stands for Cardholder Authentication Verification Value, which card schemes send if a payment goes through 3D Secure authentication. When a payment goes through 3D Secure, Adyen checks the validity of the authentication value including the transaction amount.
CVC1
CVC1 (Card Verification Code 1) is encoded in the track data on the card itself, and is used in card-present magstripe and contactless transactions. This validation fails if the track data has been tampered with, or the magstripe is corrupted.
CVC2
CVC2 (Card Verification Code 2) is printed on the card, and is used in card-not-present ecommerce transactions. This validation fails if the card user enters an incorrect CVC.
CVC3
CVC3 (Card Verification Code 3) is used in card-present transactions to identify and prevent replay attacks. This validation fails when Adyen identifies that the transaction is a replay.
EntitySettings
Checks if the account holder is allowed to do an action, such as to change their card PIN.
InputExpiryDateCheck
Checks if the expiry date from the payment request matches the expiry date on the card.
MaxAuthAmount
Checks if the transaction amount is less than or equal to the configured maximum authorisation amount on the balance platform.
MITAllowedMerchant
Checks if there was a valid reason why the transaction skipped authentication.
- If the transaction is a recurring transaction, Adyen checks if the initial transaction was authenticated. If not, the validation fails.
- If it is not a recurring transaction, Adyen checks if the merchant ID (MID) or acquirer ID is in the list of allowed merchants. If not, the validation fails. To add MIDs to the allowlist, contact our Support Team.
PartialApproval
This validation is used only for transactions where the acquirer supports partial authorisations, and only from certain MCCs such as automatic fuel dispensers. This validation checks if the transaction amount depletes the card's balance and requires another payment method to complete the transaction. The result is always valid, because this validation is only performed when the transaction meets the conditions.
PartyScreening
Checks if the processing merchant is in any sanction list.
PaymentInstrument
Checks if the payment instrument exists and is active.
PaymentInstrumentExpirationCheck
Checks if the card is not expired at the time of the transaction.
PIN
Checks the PIN in ATM and point-of-sale transactions.
RelayedAuthorisation
Only applies if you have enabled relayed authorisation. This validation fails if you refuse a payment. If Adyen does not receive a response after 1500 milliseconds, the relayed authorisation stand-in processing check is triggered.
In some scenarios, Adyen may decide that a relayed authorisation validation is not applicable to a payment. For example, if a payment already failed a transaction rule, this validation will no longer be applicable.
RelayedAuthorisationSTIP
This is the relayed authorisation stand-in processing, triggered when Adyen does not receive a response within 1500 milliseconds. The validation result is set to valid or invalid based on your default fallback setting.
Screening
Checks if the transaction complies with Adyen-wide screening rules such as rules from card schemes.
TransactionRules
Validates the payment against transaction rules.
If this validation fails, you can find out more information about which transaction rule failed from:
- The
transactionRulesResultobject in the balancePlatform.payment.created webhook. - Your Balance Platform Customer Area, in the Payments> Payment details view.
TransactionValidation
Checks if the transaction contains unsupported data.
VelocityLimitExceeded
Checks if the transaction violates velocity limits set by schemes.
Validation results
You can find the result for each validation type in the balancePlatform.payment.created webhook, in the validationResults array.
| Result | Description |
|---|---|
| valid | The transaction passed the validation. |
| invalid | The transaction did not pass the validation. |
| notValidated | The validation was not performed because some services were unreachable or Adyen did not have the information needed to perform the check. |
| notApplicable | Adyen decided that the validation is not applicable to the state of the transaction. For example, if you are using relayed authorisation but the transaction already failed a transaction rule, then the relayed authorisation is marked as notApplicable. |
Reasons for refusal
When a transaction is refused, you may see the following refusal reasons in the Balance Platform Customer Area.
3DS dynamic linking mismatch
Dynamic linking verification failed. To learn more, check the Failed validation Types in the Balance Platform Customer Area and see Validation types.
AVS declined
AVS stands for Address Verification Service. The billing address does not match the account holder's address. Ask the card user to check the billing address.
Card expired
The card used for the transaction has expired. Therefore, it is unusable.
Cardholder authentication required
Contactless payment failed. Card user must use PIN for the next payment.
Cashback amount exceeds limit
The requested cashback amount exceeds the maximum allowed amount.
CAVV declined
The card did not pass 3D Secure authentication. Ask the card user to check the authentication method and try again.
Contactless limit reached
Maximum number of contactless payments reached. Card user must use a PIN for the next transaction.
Cryptographic failure
EMV card with incorrect ARQC (Authorisation Request Cryptogram) - CVC1 validation failed.
CVC declined
The specified CVC is invalid. Ask the card user to check the CVC code.
Declined
Transaction declined. To learn more, check the Failed validation Types in the Balance Platform Customer Area and see Validation types.
Do not honor
Transaction declined. To learn more, check the Failed validation Types in the Balance Platform Customer Area and see Validation types.
Duplicate transmission detected
Transaction rejected due to duplicate transactions detected. Ask the card user to try again.
Error
Transaction declined. To learn more, check the Failed validation Types in the Balance Platform Customer Area and see Validation types.
Internal timeout
Internal issuer error. Ask the card user to try again.
Invalid card
Card not found. Ask the card user to check the card details.
Invalid card number
The specified card number is incorrect or invalid. Ask the card user to check the card details and try again.
Invalid expiry date
Expiry date does not match the expiry date on the card. Ask the card user to check the card details and try again.
Invalid PIN
Transaction failed due to incorrect PIN entered. Ask the card user to check the PIN and try again.
Invalid transaction
Data validation failed. Ask the card user to try again or call the issuer if the error persists.
Lost card
The card used for the transaction is blocked. Therefore, it is unusable.
3D not authenticated
3D Secure authentication failed to execute, or it did not execute successfully. Ask the card user to try again.
Not enough balance
Insufficient balance on account.
Not supported
Transaction not supported or allowed. Check the validation types and try again.
Partially approved
Transaction approved up to the available amount on balance.
PIN required
PIN required to authorise transaction. Ask the card user to try again with a PIN.
PIN tries exceeded
Incorrect PIN entered more than three times. Ask the card user to call the issuer.
Purchase amount only - No cash back allowed
Transaction authorised but without cash back option.
Refused
Transaction declined. To learn more, check the Failed validation Types in the Balance Platform Customer Area and see Validation types.
SCA authentication required
The acquirer did not submit the required authentication details or applied for an SCA exemption, but the transaction could not be exempted. Ask the card user to check the authentication data and try again.
Security violation
Security check failed. To learn more, check the Failed validation Types in the Balance Platform Customer Area and see Validation types.
Stolen card
Card is on the list of blocked cards. Therefore, it is unusable.
Transaction not permitted
Transaction declined. To learn more, check the Failed validation Types in the Balance Platform Customer Area and see Validation types.
Withdrawal amount exceeded
Transaction rejected due to exceeding the maximum allowed amount.
Withdrawal count exceeded
Transaction rejected due to exceeding the maximum number of withdrawals.