|This article does not cite any references or sources. (March 2007)|
Online Authorization (or OLA) is a system used to verify a transaction on a payment card (e.g. credit card). The term 'on-line' refers to the real-time nature of the verification. In other words, if the account is overdrawn, in most cases, the transaction will be refused.
During on-line аuthorisation:
- The cardholder's PIN is encrypted by ATM|POS PINpad secure module (HSM) and sent to an issuer bank.
- A card cryptogram is sent to an issuer bank (Smart card, EMV).
- An issuer bank verifies the PIN or check card cryptogram.
- An issuer bank makes finance verification (on-time limit, credit limit, ...)
- An issuer bank sends OK or !OK (+optional command list for EMV card).
(The recrypt PIN block process is not included in list.)
The set of verifications performed by an issuer bank depends on the card type, payment system requests and features of the issuer bank's processing system.