An authorization system allows for cardholder-provided parameters to a personal authorization subsystem. The parameters can be selected by the cardholder to limit the authorizations that would otherwise be granted on the card. The parameters can indicate limits by frequency, dollar amount, merchant, geographic location, time of day, combinations thereof, or the like. Authorization for a given transaction, even where authorized by an issuer and a network operator, might be denied based on self-constraints set by the cardholder. In some variations, messages are sent to the cardholder based on constraints set by the cardholder and transactions might be approved and messaged, or denied and messaged.