We use cookies to enhance your user experience. By clicking any link on our site you’re giving your consent for us to set cookies.

More info
Back
Get Started
Back to all

Pre-authorised payments: how they work and why businesses use them

Dariana Toloknova Dariana Toloknova
image October 30, 2025
image 12 min

Share this post:

Pre-authorised payments: how they work and why businesses use them
Content

Share this post:

Sometimes you don’t want to take money straight away – you just need to make sure it’s there. That’s what pre-authorisation charges are for.

This guide explains what pre-authorisation means, how it works, where it helps, and how to implement it securely.

What does pre-authorisation mean?

Pre-authorisation (authorisation hold, pre-auth) is a two-step card transaction process where the issuer approves and reserves a specific amount on the customer’s account, confirming fund availability without moving money yet.

This approach answers a simple operational question: ‘Will this charge go through?’ — giving businesses confidence before delivering a product or service.

How do pre-authorisations work?

Here’s the process in short:

  1. Customer initiates a transaction. The customer provides their card details to book or secure a service.
  2. Authorisation request. The merchant’s system sends an authorisation request through the processor and acquiring bank, via the card network, to the issuing bank.
  3. Issuer review. The issuing bank checks card validity, available funds, and potential fraud risks. If approved, it reserves the requested amount, placing a temporary hold on the customer’s account.
  4. Hold placed. The customer sees this as a pending charge, but no money has been transferred. The funds are simply locked and unavailable for other use.
  5. Service completed. Once the service is delivered and the final amount is confirmed, the merchant either captures the funds (completing the charge) or releases the hold if no payment is needed.
  6. Hold expiry. If the merchant neither captures nor voids the pre-authorisation, it will eventually expire after a time limit set by the card issuer and network rules. The hold “drops off” and the funds become available to the cardholder again.

pre-authorisation charge flow

How long do pre-authorisations last?

The duration of a pre-authorisation depends on the card network and merchant category. Typically, a pre-authorisation hold expires within 5-7 days. Industries like travel or rentals may apply longer holds (up to 30 days), especially if the service or final amount is uncertain.

In some cases, pre-authorisations may expire within hours once the transaction clears. This often happens with low-value or ‘micro’ authorisations, such as those used by fuel stations, online subscriptions, or digital wallets to verify that a card is active and has available funds.

coin
Ready to start your success story?
See our platform in action, share your challenges, and find a solution you’ve been looking for.
Get started

Pre-authorised payments vs. immediate and recurring payments

Pre-authorised payments differ from other payment models mainly in timing and intent. Here’s a quick comparison:

Type Description When captured Common use cases
Pre-authorised payments The merchant requests authorisation to hold a specific amount on the customer’s card without immediately taking the funds Funds are captured later (usually after confirmation of goods/services) Hotel bookings, car rentals, e-commerce pre-orders
Immediate payments Funds are authorised and captured instantly in a single step Immediately at checkout Online purchases, digital goods, utility bills
Recurring payments Scheduled or repeated payments that happen automatically after initial authorisation Captured on a set schedule (e.g., monthly, yearly) Subscriptions, memberships, SaaS, loan repayments

The benefits of pre-authorised payments

Used correctly, pre-auths reduce risk, protect revenue, and improve operations. Let’s break that down.

For businesses

  • Cost efficiency. Because no money is actually moved until the capture stage, you avoid gateway and interchange fees that usually apply to completed transactions. If a booking or order is cancelled, the pre-authorised amount can simply be released instead of refunded, meaning no double fees for refund processing or reversal.
  • Guaranteed funds. Pre-auths confirm the customer has enough credit or funds before you deliver. It’s upfront protection against failed or declined payments.
  • Prevent fraud and chargebacks. Since cards and funds are verified in advance, fraud attempts are easier to catch. Pre-auths also serve as a record of consent, reducing disputes or claims of unauthorised charges.
  • Flexibility to adjust final charges. Unlike immediate payments, pre-auths are flexible. Capture the full amount, less than estimated, or more (with incremental authorisation). Great for situations like adding extras to an order or combining multiple purchases into one charge.
  • Improve operations and forecasting. Fewer failed payments mean fewer manual re-attempts. Holds also give you visibility into expected revenue — helpful for forecasting and aligning with bookings or reservations.

For customers

  • No immediate charge. Funds are only held, not taken, until the service or order is completed. If it’s cancelled, the hold simply disappears – no refund needed.
  • Easy to change or cancel. Because no charge has gone through, customers can cancel plans within policy limits without waiting for money to return.
  • Clear visibility. Holds appear as pending transactions, helping customers track spending and plan budgets. In some banks, they may instead show as small temporary charges or only affect the available balance.
  • Protection from overcharging. Merchants can’t charge more than the pre-authorised amount without approval, ensuring customers only pay for what they receive.
  • Peace of mind. Knowing the payment is reserved but not taken builds trust — customers feel safer booking or renting when they won’t be charged unless everything goes smoothly.

Potential risks and compliance considerations

Pre-authorised payments give merchants flexibility, but they also require careful handling. Here’s what to watch out for:

Expired or unclaimed holds

If a merchant forgets to capture or release a pre-authorisation charge within the allowed timeframe, the hold expires automatically. This can lead to failed captures or customer confusion when the final charge doesn’t go through. Businesses should track active authorisations and set up automated alerts to avoid missed settlements.

Customer frustration

From the customer’s perspective, a pre-authorisation can look like a charge. If they see a pending amount on their statement without understanding that it’s temporary, it can cause concern or support requests. Clear communication is key — merchants should explain that it’s only a hold, not a payment, and when it will be released or captured.

Capture errors or double charges

Capturing the same hold twice or trying to capture after expiry can cause duplicate charges. Payment systems should include safeguards like idempotency checks, clear logging, and automated expiry handling to prevent these errors.

Compliance with PSD2 and SCA

Under PSD2, Strong Customer Authentication (SCA) applies at the authorisation stage unless an exemption is valid. Make sure your setup meets SCA rules, or transactions may be declined.

Scheme and acquirer rules

Visa, Mastercard, and other card networks define strict rules for pre-authorisation timeframes, adjustments, and completion procedures. Merchants who don’t comply — for example, by capturing after expiry or failing to release holds promptly — risk disputes, fines, or chargebacks.

How to set up a secure pre-authorised payment system

Setting up and managing pre-authorisations it’s about designing a flow that’s reliable, compliant, and clear for both your team and your customers. Here’s how to do it right.

how to set up pre-authorisation charges

1. Identify when pre-authorisation makes sense

Start by mapping where in your customer journey pre-authorisation adds value. It’s ideal when you need to confirm funds before delivering a service or when the final cost isn’t known upfront — for example, rentals, marketplaces, or any order fulfilled later.

Avoid using it for fixed-price, instant purchases where an immediate payment is simpler.

2. Choose payment providers that support pre-auth flows

Not every payment processor or acquiring bank supports pre-authorised transactions and delayed capture. Check that your provider can:

  • Separate authorisation and capture steps
  • Support partial or multiple captures
  • Handle reversals and expired holds automatically

The most popular PSPs that support pre-authorisations are Stripe, Adyen, Worldpay, and Braintree.

3. Set up your technical architecture

Design your system to manage the full pre-authorisation lifecycle. At a minimum, this includes:

  • Setting up a default delayed-charge action (capture or void) and delay (hours or days), or passing these values when creating the transaction.
  • Initiating pre-authorisation with flow=delayed_charge
  • Storing the authorisation reference (transaction ID, PSP reference, or authorisation blob) for future capture or adjustment
  • Supporting partial or full adjustment of the hold amount
  • Capturing the final amount or cancelling the hold if needed

4. Implement webhook listeners

Set up secure webhook endpoints to receive real-time updates on authorisation events. These should cover key scenarios such as successful or failed authorisations, expiration warnings, adjustment confirmations, and capture completions. To protect your system and data, implement strong webhook security measures, including HTTPS endpoints, signature validation, retry logic for failed deliveries, and event logging for audit purposes.

5. Configure hold parameters

Set the appropriate hold duration based on your merchant category code (MCC) and operational needs. Standard pre-authorisations typically last 5-7 days, but certain industries can extend holds up to 30-31 days.

Also, define sensible minimum and maximum authorisation amounts. Monitor expiration windows so you can either capture or extend before expiry – expired holds can’t be captured, and funds return to the customer.

6. Add fraud prevention measures

Implement fraud checks specifically tailored to pre-authorisation. Use device fingerprinting to detect anomalies, velocity checks to flag unusually frequent transactions, and behavioural analytics to identify suspicious patterns. Maintain blocklists and allowlists to filter known bad actors.

Consider 3D Secure authentication for high-risk transactions to add an extra verification layer.

7. Build customer communication workflows

Transparent communication reduces confusion and chargebacks. Inform customers:

  • That a hold is being placed and for how much
  • How long the hold will last
  • When the final charge will occur
  • When unused funds will be released

Share this information during checkout, in confirmation emails, or verbally if applicable.

8. Settle and reconcile

Decide whether to use automatic capture with a configurable delay or manual capture that requires staff approval. Configure settlement intervals that align with your risk tolerance — 120 hours is a common benchmark that balances cash flow needs against chargeback exposure.

Also, build reconciliation workflows to track the gap between authorised and captured amounts, monitor expired authorisations, and manage partial captures or refunds.

9. Test before going live

Thoroughly test the entire flow — from initial authorisation to final capture. Validate adjustment scenarios, simulate authorisation expirations, and ensure your system handles failures and declines gracefully. Use a variety of card types and transaction amounts to verify card network and issuer compatibility.

🔍
Combining a payment orchestration platform with pre-authorisation-ready PSPs simplifies building and managing a reliable pre-auth setup. Instead of maintaining bespoke integrations and navigating each provider’s specific rules, the orchestrator introduces a unified control layer that handles differences in holds, adjustments, and expirations — cutting engineering effort and reducing risk.

Best practices for pre-authorisation payments

A well-orchestrated pre-authorisation flow combines technical precision, automation, and customer empathy. The best practices are:

Use dynamic routing for pre-auth-enabled PSPs

Some providers support multi-step authorisations natively, while others simulate the flow. To maximise approval rates and reliability:

  • Route pre-auth requests dynamically to PSPs proven to handle them successfully. Use real-time performance data, card type, region, and issuer response patterns as routing parameters.
  • Fallback smartly. If the preferred PSP fails to authorise, automatically cascade to another provider that supports pre-auth to avoid checkout disruption.
  • Track decline patterns across acquirers — this helps optimise routing logic over time and ensures your pre-auth success rates don’t lag behind your standard payment flow.

Automate capture and void logic

Manual captures are prone to delays and human error, especially at scale. Automating this logic helps your team stay compliant and efficient.

  • Set automated capture triggers based on business rules (e.g., fulfilment confirmation, time-based conditions, or service completion).
  • Apply conditional voids when the order is cancelled or modified before capture. Automating voids prevents unnecessary settlement fees and improves operational accuracy.
  • Monitor partial captures for flexibility — essential for businesses dealing with split shipments, variable tips, or deposit models.

Monitor pre-auth expiry and retries

Each pre-authorisation has a defined validity period, typically between 5 to 30 days depending on the card scheme or acquirer. Once expired, it can’t be captured — leading to lost revenue or customer frustration.

To avoid that:

  • Set alerts and expiry dashboards within your payment system to flag upcoming expirations.
  • Retry intelligently — if the capture window is closing, your orchestration logic can re-initiate a new pre-auth before expiry to maintain the hold.
  • Audit PSP behaviour, as some automatically release funds earlier than others. Knowing this helps fine-tune timing and routing preferences.

Keep customers informed about holds and captures

Even the smoothest backend logic can’t offset poor user experience. Customers need clarity about when and why funds are held.

  • Show clear, timely messages at checkout and in confirmation emails: “Your card has been authorised, and the amount will be captured after shipment.”
  • Notify on release or capture with precise wording and context — avoid vague updates.
  • Localise explanations where necessary; pre-authorisation norms vary across markets, so clarity builds trust globally.

qoute
Our role is to guide users clearly and effortlessly, ensuring they never feel stuck or stressed. And when challenges appear, quick support touchpoints — chatbots, live chat, or a well-placed FAQ — can make the difference between an abandoned cart and a successful transaction.
Ihor Kostiuk, Product Designer at Corefy
Ihor Kostiuk
Product designer at Corefy

Key takeaways

  • Pre-authorisation adds control and reduces risk. It lets you verify funds before charging, so you can deliver confidently without worrying about failed payments or refunds. This control helps reduce operational friction, chargebacks, and disputes.
  • Operational discipline matters. Capturing or releasing holds on time keeps your cash flow predictable and your customers informed. Build clear internal workflows and use automated reminders to avoid expired holds and failed captures.
  • Automation prevents errors. Automating capture, void, and expiry tracking ensures accuracy, speeds up settlement, and reduces manual work for your team.
  • Payment orchestration simplifies the setup. It connects all your PSPs, acquirers, and payment methods under one system, centralising authorisation, capture, and reporting, while dynamic routing sends each transaction to the provider most likely to approve it. The result: higher success rates, lower costs, and fewer integration headaches.
  • Done well, pre-authorisation pays off. When supported by automation, orchestration, and disciplined processes, pre-authorisation becomes a competitive advantage — improving efficiency and building customer trust.
rocket
We would be delighted to help you with all things payments!
Book a demo and learn how Corefy can help you handle your payments and payouts efficiently.
Get started

Share this post:

Back to all

Related articles

Visa VAMP explained: key changes for merchants & payment businesses
  • articles

Visa VAMP explained: key changes for merchants & payment businesses

image October 22, 2025
image 8 min
Payments cascading: how it improves transaction success rates
  • articles

Payments cascading: how it improves transaction success rates

image October 8, 2025
image 5 min
Open-source payment gateways: benefits, drawbacks & alternatives
  • articles

Open-source payment gateways: benefits, drawbacks & alternatives

image September 30, 2025
image 9 min
What is payment infrastructure and how it works
  • articles

What is payment infrastructure and how it works

image September 30, 2025
image 9 min
Payment stack: definition, key components & optimisation tips
  • articles

Payment stack: definition, key components & optimisation tips

image September 24, 2025
image 11 min
Merchant onboarding process: steps, technology & best practices
  • articles

Merchant onboarding process: steps, technology & best practices

image September 16, 2025
image 11 min
PayFac as a service: all questions answered
  • articles

PayFac as a service: all questions answered

image September 5, 2025
image 10 min
Where is online gambling legal: industry review
  • articles

Where is online gambling legal: industry review

image September 1, 2025
image 14 min
Online dating payment processing: everything you need to know
  • articles

Online dating payment processing: everything you need to know

image August 26, 2025
image 10 min

Routes to explore more

Are pre-authorised payments safe?

Yes. Pre-authorised payments are considered safe because no money is transferred until the merchant captures the transaction. During the pre-authorisation stage, the customer’s bank or card issuer verifies the payment method, places a temporary hold, and keeps control of the funds until capture or expiry. When handled by PCI DSS-compliant providers, the process is secure for both merchants and customers.

What is the difference between pre-authorised debit and credit?

The main difference lies in how pre-authorisations work in terms of where funds are reserved:

  • With a pre-authorised debit, money is held directly from the customer’s bank account.
  • With a pre-authorised credit, the hold is placed on the customer’s credit limit rather than their available balance.

In both cases, the pre-authorisation charge on a credit or debit card doesn’t actually move money – it simply ensures that the specified amount is available when the final charge is made.

Can customers cancel a pre-authorised payment?

Yes. If the merchant hasn’t yet captured the payment, the customer can request cancellation. The pre-authorisation amount will then be released, and no money will be charged. Once the capture occurs, the transaction is processed like a normal payment, and standard refund procedures apply. Holds also expire automatically after the card network’s set timeframe if not captured.

What are common industries that use pre-authorised payments?

Pre-authorisation is common wherever the final amount or fulfilment isn’t confirmed at the time of booking. This includes hospitality, car rentals, e-commerce, logistics, travel, and service marketplaces. In these industries, merchants rely on debit or credit card pre-authorisation to secure deposits, verify funds, or manage variable charges without committing to a full payment upfront.

What is a total debit pre-auth hold?

A total debit pre-auth hold is the full amount temporarily reserved on a customer’s account when a transaction is authorised but not yet settled. It reduces the available balance (or credit) by that amount but doesn’t actually withdraw the funds. Once the transaction is captured or voided, the hold is cleared – either converting into a charge or releasing the money back to the customer.