Pre-authorization explained: How it protects retailers and enhances customer checkout

Pre-authorization — often shortened to pre-auth — is when a business temporarily holds money on a customer’s credit or debit card before the final payment is made.

It’s like setting money aside to make sure it’s available when the final bill is ready.

Key points about pre-authorization:

• The money isn’t charged yet — just held
• It ensures the merchant can collect payment later
• It offers flexibility to adjust the final amount if needed

A simple example:

Let’s say you check into a hotel. The hotel doesn’t know your full bill yet (room service, minibar, late checkout).

So they “pre-authorize” your card for $200:

• The $200 hasn’t been charged yet
• But it’s set aside — you can’t spend it elsewhere

When you check out:

• If the total is $180, they charge that and release the extra
• If it’s $220, they may ask for additional approval

Pre-authorization gives businesses a way to secure payment without immediately charging the customer, offering flexibility for both sides.

Not all pre-authorizations happen the same way. It depends on how the customer provides their card.

Card-not-present pre-authorization (Online, over the phone)

• Used for online shopping, booking a hotel on a website, or placing an order by phone
• The customer enters their card details remotely
• The merchant holds the money even though the customer isn’t physically there

Card-present pre-authorization (POS pre-authorization)

When the customer is physically present and uses a payment terminal, it’s called POS (Point-of-Sale) pre-authorization.

It’s the same idea — just happening in person.

Common examples:

• Checking into a hotel at the front desk
• Renting a car
• Paying at the gas station before fueling
• Opening a tab at a restaurant or bar

How POS pre-auth works:

• The merchant taps, swipes, or inserts the customer’s card
• They send a pre-authorization request to the customer’s bank
• The bank holds the estimated amount
• Later, the merchant captures the final amount (or adjusts it if necessary)

POS pre-auth is especially helpful when the final amount isn’t known upfront, like adding tips at a restaurant or refueling a rental car.

What merchants and customers see and do

Step 1: The merchant places an estimated authorization

• The merchant estimates the total cost of the transaction (e.g., hotel stay, rental, online order) and places a pre-auth hold
• Per Visa rules, this amount must be a genuine estimate and must not include incidental charges like tips or buffers for damage

Step 2: The customer sees a pending charge

• The cardholder sees a pending transaction on their account
• Their available balance is reduced by the authorized amount, but the current balance remains unchanged

Step 3: The final amount is determined

After the service is delivered, the final amount is known. There are three possibilities:

• Final amount = authorized amount
  • Merchant captures the pre-authorized amount
  • The hold is cleared, and funds are transferred
• Final amount > authorized amount
  • The merchant must request an incremental authorization for the difference
  • If no incremental authorization is submitted and the capture amount exceeds the total authorized (original + any incremental authorizations), the issuer may reject the capture
• Final amount < authorized amount
  • The merchant should submit a partial authorization reversal to reduce the hold if the final amount is lower, although capturing a lower amount without reversal is technically allowed. Submitting a reversal speeds up the release of unused funds for the customer
  • This ensures unused funds are released promptly

Step 4: The merchant captures the final amount

• Merchant captures the total authorized amount (original + any incremental auths)
• Funds are now transferred to the merchant, and the pending status is removed

What happens behind the scenes (Issuer + processor actions)

Step 1: The payment request moves through the system

• When the merchant starts the transaction, their system sends a request to their payment processor — a company like Stripe, Adyen, or Square — which handles the technical routing of the transaction.
• The processor then forwards the details to the acquirer — a financial institution such as Chase or Bank of America — which is responsible for clearing and settling the payment and depositing the funds into the merchant’s account.
• The request goes through the card network (such as Visa, Mastercard, or Amex), and then reaches the customer’s bank — this is the bank that issued the card
• The customer’s bank checks:
  • If the card is valid
  • If there’s enough money or credit available
  • If the transaction seems safe (not suspicious or fraudulent)

Step 2: A temporary hold is placed

• If the customer’s bank approves the transaction, it puts a temporary hold on the estimated amount
• The money has not been taken yet, but the customer can’t use it for anything else

Step 3: What happens if the amount changes

• If the final amount goes up, the merchant must send another request (an incremental authorization) to ask for more
• If the final amount goes down, the merchant must send a partial reversal to reduce the hold
• Visa requires these updates to keep things accurate and avoid holding too much money

Step 4: If the rules aren’t followed

• If the merchant tries to take more money than was authorized, without sending an update, the customer’s bank may decline the payment.
• Then the merchant must cancel the original hold and start over with a new authorization.
• If the merchant doesn’t reduce a hold that’s too high, the extra amount stays locked until:
  • The hold expires (usually in 5 to 30 days, depending on the business type), or
  • The merchant sends a partial reversal.

Learn more: Estimated and Incremental Authorization and Reversal Processing Requirements for Visa Merchants

Now that we understand how a pre-authorization works and why it’s useful, let’s look at how long these temporary holds actually last — and what affects their duration.

Pre-authorization holds don’t stay on a customer’s card forever — they usually last anywhere from a few days up to 30 days, depending on the situation.

Visa is the only major card network that publicly provides specific time limits for how long a pre-authorization can remain active before it expires. While

Mastercard and American Express are known to follow similar best practices, but only Visa offers clear and detailed timelines.

Here are the Visa timeframes based on transaction type: These timeframes are broadly similar across all three networks:

If the merchant doesn’t complete (or cancel) the transaction within the allowed time, the hold will automatically expire. When that happens, the money becomes available to the cardholder again, but this release isn’t always instant. Depending on the customer’s bank, it may take a few days for the available balance to update.

That’s why businesses should act within the allowed timeframe — and why customers may notice a delay if a transaction isn’t finalized quickly.

For merchants

• Guarantees funds are available: When a customer’s card is pre-authorized, it confirms the funds or credit limit are available. This reduces the risk of declined payments later
• Minimizes financial losses: Pre-auth protects businesses when the final amount is unknown (e.g., hotel stays, rentals). If the customer leaves without paying or adds charges later, merchants can adjust the hold before capturing.
• Reduces fraud and chargebacks: Pre-auth gives merchants time to verify orders before finalizing the transaction, especially for online or high-value sales.

For customers

• Helps track spending in real time: The hold appears as a pending transaction in the banking app, so customers can see how much has been temporarily reserved.
• No immediate charge: Pre-auth is a hold, not a charge. The money isn’t withdrawn until the final amount is confirmed and captured. If the service is canceled, the hold is reversed, and there will be no refund delay.

Even though pre-authorization is a useful tool, many merchants run into trouble when they don’t follow card network rules or best practices. Here are some of the most common mistakes — and why they can cost you money, customer trust, or both.

Failure to capture within the allowed window

What goes wrong: The merchant doesn’t capture the funds before the pre-auth expires (e.g., after 5, 10, or 30 days, depending on card issuer rules).

Impact:

• The authorization becomes invalid
• The merchant must re-authorize the full amount
• Risk of declined payment or lost sale

How to avoid it:

• Monitor pre-auth expiration windows by transaction type
• Set up automated alerts or reminders to capture in time
• Capture promptly once the final amount is confirmed

Capturing more than authorized without an incremental authorization

What goes wrong: The final amount is higher than the original pre-auth, but the merchant tries to capture the full amount without requesting an increase.

Impact:

• The issuer may decline the capture
• Merchant may have to ask the customer for payment again
• Risk of chargebacks or lost revenue

How to avoid it:

• If the final amount increases beyond the original estimate, submit an incremental authorization before capturing. For example, Visa requires an incremental authorization if the final amount is more than 15% higher than the original estimate (or more than $75 higher for car rentals)
• Ensure your system supports partial and incremental auth workflows

Forgetting to send a reversal for cancelled transactions

What goes wrong: The merchant cancels the transaction but doesn’t notify the cardholder’s bank.

Impact:

• Funds remain on hold for days
• Customer confusion or frustration
• Damage to merchant reputation and brand trust

How to avoid it:

• Always submit a reversal request if the transaction is canceled
• Train staff to process reversals promptly

Using an unclear business name on the cardholder’s statement

What goes wrong: The name shown on the customer’s bank statement doesn’t match what they recognize (e.g., online store name).

Impact:

• Higher chance of “friendly fraud” (disputes from confused customers)
• Increase in chargebacks, which can hurt your merchant account

How to avoid it:

Use a recognizable and consistent merchant descriptor, and work closely with your payment provider (like Stripe or Square) or your acquirer (the bank or financial institution that processes payments for your business, such as Chase or Bank of America) to ensure your business name appears correctly on customer statements.

Visa recommends verifying that your transaction messages are coded properly so that important fields—like your business name—show up clearly and consistently.

Misunderstanding tolerance limits

What goes wrong: The merchant captures an amount that exceeds allowable thresholds (typically 15% or $75 over the pre-auth for certain industries) without an incremental authorization.

Impact:

• Transactions may be rejected at capture
• Delays or failed payments may result in lost revenue

How to avoid it:

• Train staff to recognize when a final amount exceeds the allowed variance compared to the original pre-authorization
• Always submit an incremental authorization request before attempting to capture amounts that exceed the original estimate beyond card network thresholds
• Set up system rules or alerts that automatically detect when a capture amount would breach tolerance limits, prompting an incremental authorization workflow

Here’s how pre-authorization works in real-world situations and why each industry needs it:

Hotels

Why pre-auth is needed: To cover the room stay, taxes, and potential extra charges like minibar use or late checkout. The final amount often changes, so hotels pre-authorize an estimate and adjust later if needed.

How it works: Hotels place a hold when you check in. If the final bill is more than 15% higher than the original pre-authorized amount (or $75 more for rentals), the merchant must request an incremental authorization. At checkout, they finalize the actual charge and release any unused funds.

Car rentals

Why pre-auth is needed: To secure payment for the rental itself, insurance options, possible fuel charges, or vehicle damage. The final cost isn’t always known upfront.

How it works: Rental companies place a hold when you pick up the car. If no extra charges apply, the final bill may be lower than the hold, and they will adjust it when you return the vehicle.

Gas stations

Why pre-auth is needed: Because the exact amount of fuel purchased isn’t known when you first swipe your card. Pre-auth protects the station by ensuring you have enough funds.

How it works: A gas station pre-authorizes a fixed amount (like $100). After fueling, they capture only the exact amount you pumped, and the rest of the hold is released.

Bars and restaurants

Why pre-auth is needed: In bars or sit-down restaurants, customers often open a tab or tip after the meal. Since the total amount can change, pre-auth helps secure payment upfront and allows adjustments for tips or added items.

How it works: When a customer opens a tab, the merchant places a small pre-authorization (e.g., $1 or $25) to confirm the card is valid. When the final bill is ready, the merchant captures the total, including tip. If the final charge increases significantly beyond the original estimate, they may request an incremental authorization to stay within network rules.

Online retail (High-value orders)

Why pre-auth is needed: For high-value items like electronics, the retailer needs to verify funds but may not finalize the charge until the item is ready to ship.

How it works: The store places a pre-authorization when you place the order. Once your item ships, they capture the exact amount. If there are changes (like an item out of stock), they can adjust the hold accordingly.

Setting up pre-authorization correctly requires both payment gateway or processor support and POS system compatibility.

Not every system handles pre-authorization the same way, so you’ll need to ensure your setup can fully support it from sale to settlement.

Key steps to setting up pre-authorization:

• Choose a payment provider that supports pre-auth: Not all payment processors or gateways enable pre-authorization by default. Check your provider’s documentation or support team to confirm how to activate it.
• Make sure your POS system is compatible: If you sell in-store, your POS system must be able to communicate pre-authorization requests to your payment processor. This ensures that sales, inventory, and payments all stay synced accurately.
• Estimate reasonable pre-auth amounts: Merchants should only authorize an amount that reasonably reflects the expected final transaction. Card networks like Visa and Mastercard require that pre-authorization amounts are genuine estimates — not inflated for convenience.
• Inform customers upfront: If your store uses pre-authorization (especially for larger transactions, rentals, or tabs), clearly communicate it at checkout or during booking. This minimizes customer confusion and disputes later.

Not all payment processors handle pre-authorization the same way, especially when it comes to working with third-party POS systems.

The table below summarizes which providers support pre-auth, whether it’s available for online, in-store, or both, and how easily third-party POS systems can integrate to initiate and manage the pre-auth flow

Transparency note:

Every effort has been made to ensure the accuracy of this comparison based on publicly available developer documentation, official product guides, and verified merchant information. Where a payment provider’s developer documentation was not public or integration details were unclear, we have carefully noted it and provided the best possible interpretation based on available sources.

Readers are encouraged to consult their specific payment processor or POS provider directly for the most up-to-date and detailed integration information, especially when planning a pre-authorization setup.

Myth #1: “Pre-authorization means I’ve been charged.”

A pre-authorization is not an actual charge; it is simply a temporary hold on funds to ensure they are available. The money is not transferred until the merchant captures the transaction. That’s when the hold becomes a charge.

Myth #2: “Why am I seeing a transaction that is not the same as my charge?”

If customers see a transaction on their account that doesn’t match their final purchase amount, it’s often because the merchant placed a pre-authorization hold.

A pre-authorization temporarily reserves a specific amount on the customer’s card — it doesn’t actually withdraw money yet. This reserved amount appears as a pending transaction and affects the Available Balance (the amount you can spend), but not necessarily the Current Balance right away.
Once the final transaction is completed, the pre-authorization is either finalized for the correct amount or released if not needed.

Myth #3: “Why are there two charges on my account?

When you see what looks like two charges on your account, it’s often because one is a pre-authorization hold and the other is the finalized transaction.

A pre-authorization temporarily reserves an estimated amount on your card. It appears as a pending transaction but doesn’t actually withdraw money yet. Once the merchant completes the sale, they finalize the charge — and both the hold and the final charge may briefly appear at the same time in your banking app.

Usually, the pre-authorization will disappear automatically once the final transaction settles.

However, if you notice that both transactions are finalized charges (meaning two amounts have actually been deducted from your available balance), you should contact both the merchant and your bank immediately to report the duplicate and request a correction.

Myth #4: “My holding funds take forever to return to my account.”

If your funds take longer than expected to return, contact your financial institution or the merchant directly to ask about the status of the authorization hold. Banks and merchants are best positioned to provide updates because authorization holds automatically expire after a set period, based on the card network rules.

It’s also a good idea to check with the merchant before completing a purchase that involves a pre-authorization, so you know when to expect the funds to become available again.

Pre-authorization appears as an initiative that gives customers more control over their shopping experience. At the same time, it provides an extra layer of guarantee for merchants to reduce the chance of fraudulent transactions, causing additional fees and failed transactions. As commerce continues to evolve, adopting pre-authorization methods can help streamline payments and create a more secure and fair experience for both merchants and customers alike.

1. Is post-authorization the same as pre-authorization?

No, they are not the same. In fact, they are two different stages in the payment process. While pre-authorization places a temporary hold on the customer’s funds and happens before a purchase is finalized, post-authorization occurs when the merchant finalizes the charge and happens after the transaction is complete.

2. How long do pre-authorizations last?

Pre-authorization holds typically last between 5 to 30 days, depending on the type of transaction, the industry, and card network rules. For example, Visa specifies 5 days for in-store transactions, 10 days for online or phone transactions, and up to 30 days for lodging and rental industries.

3. What is the meaning of pre-authorization?

A pre-authorization, or pre-auth, temporarily holds a specific amount of funds on a customer’s card. The amount is reserved for merchants but remains within the customer’s account.

4. What is the difference between pre-authorization and a finalized charge?

A pre-authorization is a temporary hold of the funds, meaning the money is not taken from your account, just reserved. Meanwhile, a finalized charge is a completed transaction, meaning the money is officially withdrawn from your account.