Authorization Response Codes
The authorization response code is a value that the card issuer sends to the merchant to indicate whether the authorization request was approved or denied as well as the reason for the denial. This value is present in DE039.
The response code is available in these sources:
response_codefield:- Authorization Events API webhooks
- Auth API
AUTHORIZATION RESPONSEfield:
Allpoint codes
Allpoint uses 3-digit response codes, which are listed in this table.
Auth API 3.0 messages
The values in the Message column are a subset of the possible text explanations in response_code_objects in the Auth API 3.0 webhook payload. To see an expanded set, consult the Response Code Object Messages page.
How to read this table
When the transaction is denied, the deny_code is available in transaction-related Program API responses and the CST.
- Codes marked with an asterisk (
*) are approval codes. All other codes are deny codes. - Where a cell is empty for a network column, it means Galileo sends the Default value.
- Where a cell in the Default column contains a dash (—), it means that only the networks with codes present use that message.
Note
This table presents the most likely response code given the particular (error) message. However, the response codes that Galileo sends back to the merchant can vary depending on your back-end settings as well as the particularities of some transaction types.
| STAR | Discover | Pulse | Mastercard | Visa | Default | Message |
|---|---|---|---|---|---|---|
| 00* | Success. Authorization request approved. | |||||
| 05 | 01 | Issuer error. | ||||
| 03 | Invalid merchant | |||||
| 46 | 46 | 04 | Pick up card. Card status is R or Z. |
|||
| 03 | 05 | Invalid MCC in DE18. Does not conform to ISO 18245. | ||||
| 05 | Do not honor. This is the default deny code when other deny codes do not apply. For mobile-wallet provisioning it means red path. For AVS-only checks it means the card is not in active status. | |||||
| 82 | 05 | EMV transaction missing data needed for validation | ||||
| 82 | 57 | — | EMV Authorization Request Cryptogram (ARQC) validation failure. | |||
| 5C | — | EMV fallback declined for Canadian program | ||||
| 19 | 05 | Invalid date format in DE14 | ||||
| 82 | 05 | CVV1 check failure (CAM, dCVV, iCVV, CVV, CAVV, dcVV2, TAVV, or DTVV results) | ||||
| 63 | N7 | 05 | CVV2 validation failure | |||
| 5C | 05 | Account transfer transactions not supported | ||||
| 5C | 05 | Card service code not configured for product | ||||
| 5C | 05 | Tokenized transaction failure or not permitted. | ||||
| 5C | 05 | 3D Secure validation failed | ||||
| 5C | 05 | Declining this transaction without further processing. | ||||
| 5C | 05 | Auth type not supported in STIP | ||||
| N0 | 05 | Zero standin requested or force STIP | ||||
| 05 | Product missing configuration needed to tokenize card (IPCID not set) | |||||
| 05 | Account status inquiry denied | |||||
| 05 | — | Fleet card transaction error | ||||
| 10* | Partial approval of transaction amount | |||||
| T7 | — | Transaction partial approval includes cashback | ||||
| 11* | Authorization entry generated by Galileo for a settlement that doesn't have a matching authorization. Visible in the RDFs only. Not used by the Auth API or Events API. Not returned to the merchant. | |||||
| 12 | Invalid transaction | |||||
| 12 | — | Mexico only. Point of sale does not support MSI Installments, or the loan terms are invalid. | ||||
| 13 | Invalid amount | |||||
| 14 | Invalid PAN. This PAN does not exist in the Galileo system. Transactions with this response are not passed to the Auth API or included in the RDFs or Program API responses. You can get a list of these attempted transactions in the Bad PAN Authorizations RDF. | |||||
| 19 | 30 | Received badly formatted transaction track data | ||||
| 30 | Format error | |||||
| 46 | 41 | Lost, pick up. The card has been reported lost and is in status: L (lost) or status: A (lost, waiting for sufficient funds). The merchant should retain the card if possible and return it to the issuer. |
||||
| 46 | 43 | Stolen, pick up. The card has been reported stolen and is in status: S (stolen). The merchant should retain the card if possible and return it to the issuer. |
||||
| 51 | Non-sufficient funds and not a force post | |||||
| 54 | Card expired or expiry date mismatch. The card's expiry date has passed, or the value provided by the merchant does not match the value on record. | |||||
| 55 | Invalid PIN, including offline PIN | |||||
| 57 | Transaction not permitted by product settings. See Transaction type validation for details. | |||||
| 62 | 57 | Point-of-Sale or card-not-present transactions are blocked for country | ||||
| 62 | 62 | 78 | 57 | Card is frozen | ||
| 82 | 57 | Error during EMV ARQC validation | ||||
| 96 | 57 | Error processing load transaction (system error) | ||||
| 03 | 5C | 57 | MCC not allowed by account, product, or MCC blocklist | |||
| 57 | Card status is bad or account is in bad standing. See Account and card status response codes for details. | |||||
| N3 | 57 | Cash service not available | ||||
| 62 | 57 | Transaction involves the usage of a country currency code that violates OFAC | ||||
| 63 | 59 | 05 | Suspected fraud | |||
| 59 | — | Transaction risk score too high (>= BRSGE) | ||||
| 59 | — | Risk score is greater than or equal to BRSPU param or 999 | ||||
| 63 | — | Transaction risk score too high (>= BRSMC) | ||||
| 61 | Exceeds amount limit | |||||
| 63 | Security violation | |||||
| 65 | Exceeds count limit | |||||
| 72 | Account not yet activated | |||||
| 75 | PIN retry count limit reached | |||||
| 39 | 39 | 39 | 77 | Credit account not found | ||
| 52 | 52 | 52 | 77 | Checking account not found | ||
| 53 | 53 | 53 | 77 | Savings account not found | ||
| 77 | Invalid From account | |||||
| 78 | Invalid account | |||||
| 87* | Point-of-sale partial approval: purchase only, not cashback | |||||
| 85 | Tokenization request requires additional verification | |||||
| 85* | AVS requested to verify account (account in good standing) | |||||
| 86 | Cannot verify PIN | |||||
| 88 | Cryptographic failure | |||||
| 89 | Unacceptable PIN | |||||
| 91 | System inoperative | |||||
| 94 | Duplicate transaction | |||||
| 96 | System error |
Account and card status response codes
In most cases, a card or account that is not in status: N (normal, active) results in response code 05 (do not honor). However, Mastercard and Visa prefer to use different codes to provide more granular information.
Note
In some cases, the response code is different for account and card statuses. For example, for card
status: C, the default isresponse_code: 57, whereas for accountstatus: C, the default isresponse_code: 05. If both account and card are in the same status, Galileo returns the value for the card status.
| Card status | Account status | Description | Default | Mastercard | Visa |
|---|---|---|---|---|---|
| A | Lost card waiting for sufficient funds | 05 | 5C | ||
| B | Blocked | 05 | 5C | ||
| C | Card canceled | 57 | 46 | 78 | |
| C | Account canceled | 05 | 46 | 46 | |
| D | Card disabled | 05 | 78 | 78 | |
| D | Account disabled | 05 | 5C | ||
| F | Failed ID verification | 05 | 5C | ||
| K | Suspended | 05 | 5C | ||
| L | Lost card | 41 | 46 | ||
| M | Moved to new program | 05 | 5C | ||
| N | N | Active (normal) | 00 | 00 | |
| O | Operations hold | 05 | 5C | ||
| P | Passed ID verification | 05 | 5C | ||
| Q | Q | Delinquent | 05 | 51 | 78 |
| Q | Funding account delinquent | 05 | 5C | ||
| R | Card charged off | 04 | 78 | 78 | |
| R | Account charged off | 05 | 5C | ||
| S | Stolen card | 43 | 46 | ||
| T | ID verification in process | 05 | 5C | ||
| U | Upgraded | 05 | 5C | ||
| V | Card voided | 05 | 78 | 78 | |
| V | Application submitted | 05 | 72 | 5C | |
| W | Waiting for payment | 05 | 78 | 72 | |
| W | Waiting to be processed | 05 | 72 | 5C | |
| X | Set to emboss | 05 | 72 | 78 | |
| Y | Shipped/Ready to Activate | 05 | 72 | 78 | |
| Z | Card canceled without refund | 04 | 46 | 78 | |
| Z | Account canceled without refund | 05 | 46 | 46 | |
| d | Bankruptcy discharged | 05 | 5C | ||
| e | Bankruptcy dismissed | 05 | 5C | ||
| f | Bankruptcy filed | 05 | 5C |
Allpoint response codes
The following numbering scheme is used for Allpoint response codes:
- 0xx — Authorization approved
- 1xx — Authorization denied
- 2xx — Authorization denied
- 4xx — Reversal actions
- 6xx — Administrative actions
- 8xx — Network management actions
- 9xx — Error response actions
| Code | Description |
|---|---|
| 000 | Approved |
| 001 | Approved with identification |
| 002 | Approved for partial amount |
| 003 | Approved (VIP) |
| 100 | Do not honor (general denial) |
| 101 | Expired card |
| 102 | Suspected fraud |
| 103 | Card acceptor contact acquirer |
| 104 | Restricted card |
| 105 | Card acceptor call acquirer's security department |
| 106 | Allowable PIN tries exceeded |
| 107 | Refer to card issuer |
| 108 | Refer to card issuer's special condition |
| 109 | Invalid merchant |
| 110 | Invalid amount |
| 111 | Invalid card number |
| 112 | PIN data required |
| 113 | Unacceptable fee |
| 114 | No account of type requested |
| 115 | Requested function not supported (invalid transaction) |
| 116 | Insufficient funds |
| 117 | Incorrect PIN |
| 118 | No card record |
| 119 | Transaction not permitted to cardholder |
| 120 | Transaction not permitted to terminal |
| 121 | Exceeds withdrawal amount limit |
| 122 | Security violation |
| 123 | Exceeds withdrawal limit frequency |
| 124 | Violation of law |
| 126 | Invalid PIN block |
| 127 | PIN length error |
| 128 | PIN key synchronization error (sanity error) |
| 129 | Suspected counterfeit card |
| 130 | Transaction failed OFAC check |
| 131 | Check not acceptable |
| 138 | Incorrect configuration (custom; not for general use) |
| 159 | Suspected fraud (custom; not for general use) |
| 180 | Limit exceeded due to cash back amount |
| 181 | Enter lesser amount |
| 182 | Institution not supported by switch |
| 183 | Balances not available for inquiry |
| 184 | Resubmission in violation of network rules |
| 185 | Stop payment on check (shared branch only) |
| 200 | Do not honor |
| 201 | Expired card |
| 202 | Suspected fraud |
| 203 | Card acceptor contact acquirer |
| 204 | Restricted card |
| 205 | Card acceptor call acquirer's security department |
| 206 | Allowable PIN tries exceeded |
| 207 | Special conditions |
| 208 | Lost card |
| 209 | Stolen card |
| 210 | Suspected counterfeit card |
| 211 | Invalid card number |
| 214 | No account of type requested |
| 216 | Insufficient funds |
| 217 | Incorrect PIN |
| 400 | Accepted |
| 600 | Accepted |
| 601 | Not able to trace back to original transaction |
| 800 | Accepted |
| 880 | Key change rejected—check value mismatch |
| 881 | Key change rejected—local system problem |
| 882 | Key change request rejected—key change in progress |
| 883 | Declined—incorrect institution identifier |
| 900 | Accepted |
| 907 | Card issuer or switch inoperative |
| 908 | Transaction destination cannot be found for routing |
| 909 | System malfunction |