Pre-authorisations (Payment Pages)


A pre-authorisation is used to seek authorisation for a transaction and reserve the funds on the customer’s account, in cases where the final amount to be debited from the customer is not known at time of authorisation. By default, the funds reserved by pre-authorisations are typically settled within 24 hours, but if required, they can be deferred for up to 31 days. If the transaction is not settled within this time-frame, we will automatically cancel the transaction and the funds will be released back into the customer’s bank account.



Pre-authorisations are most useful when employed in the following scenarios:




You can only process pre-authorisations with Mastercard and Visa-branded cards.
Mastercard Europe have mandated that Mastercard and Maestro transactions processed with certain European acquiring banks must be flagged as either pre-authorisation or final authorisation. Such transactions are subject to acquirer-specific conditions.


Failure to adhere to these conditions may incur a fine from Mastercard.
For full terms and conditions, please contact your acquiring bank.



Processing pre-authorisations

Default behaviour

By default, authorisations are processed as final authorisations in cases where a distinction is required by the participating acquirer. You can change this default behaviour to submit pre-authorisations, by contacting our Support Team. Alternatively, you can override the default behaviour on a transaction-by-transaction basis by following the instructions below.


If you are not sure whether your site has been configured to process pre-authorisations or final authorisations, click here to learn how to check using MyST.


You will need to include the authmethod field in the POST submitted to Trust Payments, with the value “PRE” to indicate the transaction will be a pre-authorisation. (This overrides the default behaviour on the site reference when submitted)


Request example

If you need to override the site reference’s default auth method to process a pre-authorisation, include the following in your POST to Payment Pages:

<input type="hidden" name="authmethod" value="PRE">

Important: If including the above in your POST, the value of the field authmethod needs to be included in the correct position within the string used to generate your request site security hash. Failure to do so will result in the customer being shown an “Invalid details” error message. Click here for further information on site security, and the default order of fields in the string.