Adyen internal checks<\/h2>\n
As an issuer, Adyen must verify that each transaction complies with financial regulations and manage fraud risk. We perform two types of internal checks:<\/p>\n
- \n
- Validations<\/a>: These verify if the card and transaction are legitimate. For example, we check:\n
- \n
- The expiry date of the card<\/li>\n
- The Card Verification Code (CVC) of the card<\/li>\n
- The available balance in your account<\/li>\n<\/ul><\/li>\n
- Internal transaction rules: These are transaction rules created by Adyen for regulatory controls. Some of these rules are:\n
- \n
- Missing payment instrument capabilities<\/a><\/li>\n
- Contactless limit reached<\/li>\n
- Missing CVC2 on an ecommerce transaction<\/li>\n<\/ul><\/li>\n<\/ul>\n
Custom verifications<\/h2>\n
If Adyen's internal checks are successful, then we perform the custom verifications created by you. Adyen offers two types of custom verifications: transaction rules<\/a> and relayed authorisation<\/a>. You can use either or both of these features.<\/p>\n
Transaction rules<\/h3>\n
You can configure transaction rules to create a logic that automatically approves or declines payment attempts. You can create rules based on various conditions, for example:<\/p>\n
- \n
- Maximum amount<\/li>\n
- Maximum number of transactions<\/li>\n
- Types of payments allowed for a payment instrument<\/li>\n<\/ul>\n
Transaction rules are automatically applied to each payment attempt. You can also combine them to facilitate different use cases.<\/p>\n
Relayed authorisation<\/h3>\n
You can use your own business logic to approve or deny each payment attempt. On each attempt, Adyen sends a webhook to your server. Your server has up to 2000 milliseconds to respond. If we do not receive a response within this timeframe, we apply your default fallback<\/a>.<\/p>\n
Payment authorisation flow<\/h2>\n
The following diagram illustrates the complete payment authorisation flow.<\/p>\n
![\"\"](\"\/user\/pages\/docs\/07.issuing\/24.authorisation\/payment-flow.svg?decoding=auto&fetchpriority=auto\")
<\/p>\nAs shown in the diagram, the flow ends when a payment is approved or refused. The steps of the flow are as follows:<\/p>\n
- \n
- Adyen receives a payment request.<\/li>\n
- Adyen performs validation checks on the request.
\nIf the payment complies with the validations, then the flow continues to step 3. Otherwise, the payment is refused.<\/li>\n - If you configured transaction rules, then the flow continues to step 4. Otherwise, it continues to step 5.<\/li>\n
- Adyen checks if the payment complies with your transaction rules. If it complies, then the flow continues to step 5. Otherwise, the payment is refused.<\/li>\n
- If you configured relayed authorisation, then Adyen sends an authorisation webhook to your server. Otherwise, the payment is approved.<\/li>\n
- If your server responds within 2000 ms, then Adyen approves or refuses the payment as instructed in the response. Otherwise, Adyen applies your default fallback<\/a>.<\/li>\n<\/ol>","url":"https:\/\/docs.adyen.com\/pt\/issuing\/authorisation","articleFields":{"description":"Learn about the payment authorisation flow and how you can control payment approvals","feedback_component":true,"next_steps":[{"title":"Use transaction rules","description":"Add rules to evaluate transactions with predefined conditions and outcomes.","url":"\/issuing\/authorisation\/transaction-rules","required":false},{"title":"Use relayed authorisation","description":"Add rules to filter payment attempts by responding to relayed authorisation webhooks.","url":"\/issuing\/authorisation\/relayed-authorisation","required":false}],"last_edit_on":"14-08-2023 13:43","page_id":"cc0572e3-7ece-47f5-8dad-822b8f5e7260","filters_component":false,"parameters":{"directoryPath":"\/issuing"}},"algolia":{"url":"https:\/\/docs.adyen.com\/pt\/issuing\/authorisation","title":"Payment authorisation","content":"For security and compliance reasons, Adyen must authorise any payment made with an Adyen-issued card. When a cardholder attempts a payment, Adyen receives a payment request that starts a payment authorisation flow. This flow results in the payment being approved or refused.\nAs part of the flow, we perform internal checks and validations to ensure that the transaction is legitimate. Additionally, we can perform custom verifications created by you. This helps you control the types of transactions that your cardholders can make. You can do this by configuring transaction rules or relayed authorisation.\nAdyen internal checks\nAs an issuer, Adyen must verify that each transaction complies with financial regulations and manage fraud risk. We perform two types of internal checks:\n\nValidations: These verify if the card and transaction are legitimate. For example, we check:\n\nThe expiry date of the card\nThe Card Verification Code (CVC) of the card\nThe available balance in your account\n\nInternal transaction rules: These are transaction rules created by Adyen for regulatory controls. Some of these rules are:\n\nMissing payment instrument capabilities\nContactless limit reached\nMissing CVC2 on an ecommerce transaction\n\n\nCustom verifications\nIf Adyen's internal checks are successful, then we perform the custom verifications created by you. Adyen offers two types of custom verifications: transaction rules and relayed authorisation. You can use either or both of these features.\nTransaction rules\nYou can configure transaction rules to create a logic that automatically approves or declines payment attempts. You can create rules based on various conditions, for example:\n\nMaximum amount\nMaximum number of transactions\nTypes of payments allowed for a payment instrument\n\nTransaction rules are automatically applied to each payment attempt. You can also combine them to facilitate different use cases.\nRelayed authorisation\nYou can use your own business logic to approve or deny each payment attempt. On each attempt, Adyen sends a webhook to your server. Your server has up to 2000 milliseconds to respond. If we do not receive a response within this timeframe, we apply your default fallback.\nPayment authorisation flow\nThe following diagram illustrates the complete payment authorisation flow.\n\nAs shown in the diagram, the flow ends when a payment is approved or refused. The steps of the flow are as follows:\n\nAdyen receives a payment request.\nAdyen performs validation checks on the request.\nIf the payment complies with the validations, then the flow continues to step 3. Otherwise, the payment is refused.\nIf you configured transaction rules, then the flow continues to step 4. Otherwise, it continues to step 5.\nAdyen checks if the payment complies with your transaction rules. If it complies, then the flow continues to step 5. Otherwise, the payment is refused.\nIf you configured relayed authorisation, then Adyen sends an authorisation webhook to your server. Otherwise, the payment is approved.\nIf your server responds within 2000 ms, then Adyen approves or refuses the payment as instructed in the response. Otherwise, Adyen applies your default fallback.\n","type":"page","locale":"pt","boost":18,"hierarchy":{"lvl0":"Home","lvl1":"Adyen Issuing","lvl2":"Payment authorisation"},"hierarchy_url":{"lvl0":"https:\/\/docs.adyen.com\/pt","lvl1":"https:\/\/docs.adyen.com\/pt\/issuing","lvl2":"\/pt\/issuing\/authorisation"},"levels":3,"category":"Issuing","category_color":"green","tags":["Payment","authorisation"]},"articleFiles":{"payment-flow.svg":"
![\"\"](\"https:\/\/docs.adyen.com\/user\/pages\/docs\/07.issuing\/24.authorisation\/payment-flow.svg?decoding=auto&fetchpriority=auto\")
"}}
- Missing payment instrument capabilities<\/a><\/li>\n