The short answer
A force post (also called "force capture" or "forced sale") is a manual transaction submission where the merchant captures a card charge without running a real-time authorization. The merchant inputs the authorization code they previously obtained by some out-of-band method — typically a voice authorization from the issuer's merchant services line during a POS outage — and the transaction settles. Legitimate force posts are rare (most modern systems handle outages with store-and-forward). Illegitimate force posts are a top indicator of merchant fraud and heavily monitored by acquirers.
When a force post is legitimate
- Voice authorization recovery. POS terminal was offline, merchant called the voice auth line, got an approval code, completed the sale offline. Once systems are back up, force post with the recorded auth code closes the loop.
- Gateway outage recovery. Same scenario for CNP — gateway was down, fallback auth path was used, reconciliation requires force post.
- MOTO scenarios with pre-approved agreements. Rare — some legacy B2B agreements allow merchants to submit captures without a matching auth when billing is pre-agreed.
- Chargeback re-presentment (legacy path). Some acquirers used force posts as part of re-presentment flows. Most have retired this pattern in favor of proper representment.
Why acquirers monitor force posts carefully
- Fraud vector: A merchant with a bad auth history can force-post transactions that wouldn't survive a real-time auth — foreign cards, flagged cards, closed accounts. The chargebacks come later but the money's already moved.
- Missing auth signal: Real auths carry issuer risk scoring. Force posts skip that — so issuer-side fraud filters don't see the transaction until settlement, which is too late to block.
- Compliance violation risk: Visa/MC rules require obtaining authorization for every transaction. A force post without a real auth code is a network violation.
What operators need to know
- Force posts are flagged in real time. Acquirer risk systems alert when force-post volume spikes or exceeds ~2% of total transaction volume. Crossing that triggers account review, reserve increases, and possible termination.
- Auth code must be valid. Force posts that use fake or invalid auth codes are chargeback-certain — the issuer will reject them. Some acquirers now block force posts that don't match a prior auth attempt in their records.
- Chargeback risk is elevated. Force-posted transactions chargeback at 3-5x the rate of authorized transactions. Defense is weak because you can't produce a real-time auth response.
- Most modern platforms have retired the feature. Stripe, Square, Adyen don't expose force post to merchants in their standard UI. Legacy platforms (Authorize.net, TSYS-backed terminals) still do.
- Avoid if you can. Store-and-forward at the POS, retry queues at the gateway, or offline mode on the terminal are better recovery mechanisms than force post. Save force post for genuine voice-auth reconciliation only.
- Multi-brand operators: If one brand shows elevated force-post rate, the whole MID family comes under review. Central enforcement of "no force posts" policy across brands is worth the operational rigor.