The most successful businesses are continuously seeking ways to improve the customer experience, and one of the most effective ways to do so is to ensure a seamless, friction-free checkout. Solutions like card-on-file payments make this more possible.
In this article, we break down what you need to know about this ubiquitous type of transaction, unpacking everything from its use cases, benefits, and drawbacks.
Card-on-file transactions are payments in which the cardholder's credit or debit card information is stored on file to be used for future purchases.
When the cardholder makes a purchase, they simply provide their name and identifying payment information to the merchant, who will then store the sensitive information safely to charge the card when necessary.
There are several types of card-on-file transactions, each serving a unique purpose.
Find out more about how Checkout.com's payment processing solutions can help you optimize your payments strategy.
Card-on-file transactions can be initiated by both merchants and consumers — these are known as Merchant-Initiated Transactions (MIT) and Consumer-Initiated Transactions (CIT).
MITs are transactions that are initiated by the merchant rather than the cardholder. Consumers must have previously initiated a transaction with the merchant and given their consent for future use in order for merchants to initiate this type of transaction. Merchant Initiated Transactions usually are in the form of either one-time or recurring transactions.
MITs can be used for a variety of purposes, such as subscription services, club memberships, or even donations. Sometimes, MITs can also recoup funds that were previously charged back to the merchant. For example, if a customer cancels their subscription but doesn't provide sufficient notice, the merchant may initiate an MIT to recover the remaining balance.
Some examples of situations where an MIT would be appropriate include:
CITs, on the other hand, represent transactions initiated by the consumer.
When a customer makes a purchase on a merchant’s website, they enter their credit card information into their payment gateway. The gateway then processes the payment and deposits the funds into the merchant account. The entire process is initiated and completed by the customer — with no action necessary from the merchant’s side.
All businesses can benefit from the speed, convenience, and hands-off nature of card-on-file transactions.
But some businesses in particular have the most to gain – so let’s take a look at which.
Card-on-file transactions are particularly important for businesses that operate subscription services, where accepting recurring payments – every week, month, or year, for example – is crucial. These types of businesses could include:
By storing your customers’ card details on file, you remove the need for them to have to re-enter their card details every time their subscription is up for renewal. This minimizes the likelihood of customer churn, and reduces checkout friction by removing one more barrier between them and the purchase.
You can further optimize your card-on-file transaction processing by utilizing a real-time account updater, which automatically refreshes the card details you have stored on file when they change (this could be due to the card expiring, or being replaced due to loss or theft).
Other ways subscription-based businesses can improve the recurring payments process is through picking a payment processor that – like Checkout.com – offers smart retries. This means that, should one of your subscribers’ payments fail, the system will automatically attempt the payment again (for a preset amount of times, in a preset period).
For more tips like this, delve into our guide to SaaS payments.
Ecommerce marketplace such as Amazon, Etsy, and eBay utilize card-on-file transactions to enable faster, more seamless payments.
Amazon’s 1-Click Payments, for example – or eBay’s immediate payment – allows customers to save their card after their first purchase. Then, when they come to buy again, they can forgo the usual lengthy rigmarole at the checkout (that is, having to enter their billing address, card details, and personal information), and simply click to checkout in seconds.
This boosts conversion rates, reduces cart abandonment, and makes for a clear, clutter-free checkout – and it’s something all ecommerce businesses can emulate. To find out how, explore our article dedicated to ecommerce payment processing.
Digital wallets (such as Apple Pay, Google Pay, and Samsung Pay) enable merchants to accept payments with the credit and debit cards they have saved to their smart devices.
This process, which allows consumers to pay for goods and services in-store or online – through their smartphones, tablets, or smart watches – is made possible by a process called payment tokenization.
We’ll dive deeper into what tokenization is shortly, but broadly it’s a way of securing transactions by replacing a card’s most sensitive information – which includes its primary account number (PAN), expiry date, and CVV – with ‘tokens’. The tokens (which, in this context, are random strings of numbers that, since they have no intrinsic value, are indecipherable outside the system they belong to) are stored on the customer’s device.
This means that, when the customer comes to pay, they don’t even need their card on them. This is convenient for the customer, but – because they’ll typically need to biometrically verify their identity to make a payment – it’s also more secure than a typical tap ‘n’ go payment with a physical credit or debit card.
Card-on-file transactions are important for businesses that rely on in-app purchases.
Here, the ‘freemium’ model – where the app, despite being free to download and use, offers additional features only attainable by spending real money – is popular.
Apps offering in-app payments on a freemium basis could include:
Card-on-file transactions allow users to make these purchases without even having to leave the app. By connecting seamlessly, in seconds, to the customer’s digital wallet, card-on-file transactions enable the customer to access their saved card, biometrically verify the payment, and continue playing – all with minimal interruption.
Many hotels, airlines, and travel booking platforms (such as Booking.com and Airbnb) save their returning customers’ card details on file to enable faster, simpler future payments.
What’s more, the nature of the hospitality business means that hotels and restaurants often need to be sure that a customer is planning to follow through on their reservation – and to cover their own costs in the event of a no-show. Through card-on-file transactions, restaurants can store the card details of a diner when they make a reservation online, then charge them a fee if they don’t show up.
Similarly, hotels can save their guests’ card details on file, and use them to process additional payments (for breakfast, laundry, or the minibar service, for example) without the customer needing to be physically present to verify the transaction.
Although card-on-file transactions are important for streamlining the checkout process and facilitating faster friction-free payments, they’re not without their security risks.
Any company storing card information must do so in a way that complies with PCI DSS (Payment Card Industry Data Security Standard) regulations, and that safeguards that cardholder data from breaches or infiltration by hackers.
Here’s where card-on-file tokenization comes in. This process, which we touched on earlier, involves replacing any usable card data (such as the PAN, the CVV, and the expiry date) with random, algorithmically generated alphanumeric strings called ‘tokens’.
This means that, as a merchant, you’re able to charge your customers’ cards – without needing access to the actual card information. You’ll just have the tokens – which helps simplify your PCI compliance requirements, and the administrative workload those entail.
These network tokens work like a poker chip at a Las Vegas casino in that, while these chips stand in for huge amounts of money at the table, they have no value beyond the casino’s walls. This is important for tokens because it means that, even if a merchant’s data systems are hacked and sensitive information leaked, it’s only the tokens exposed – not the card data itself.
Card-on-file and tokenization are highly related concepts, since most card-on-file transactions have swapped out card details for tokens anyway. It’s best to think of payment tokenization, then, as the act or process of replacing the card details with tokens – and it’s a strategy used in a wide range of different payment context to secure and safeguard transactions.
Let’s take a look at the four key benefits of card-on-file transactions.
Perhaps the most apparent benefit of card-on-file transactions is that they can lead to increased sales.
When customers have their card information stored on file, they're more likely to make more purchases and more significant purchase amounts.
That's because they don't have to go through the hassle of reentering their credit card information every time they want to buy something, reducing cart abandonment rates drastically. The purchasing process would resemble a one-click checkout, which has proven to be very effective at maximizing conversion rates.
Card-on-file transactions enable merchants to develop new predictable business models – like subscriptions. They can then better predict their forecasted cash flow and plan accordingly.
Recurring payment models like subscriptions and membership fees provide valuable insight to businesses in terms of projected revenues, enabling them to better plan for the future. To learn more, dive into our guide to recurring payments: explained.
Card-on-file transactions can also lead to improved customer retention rates, as they offer greater convenience.
Customers appreciate being able to make quick and easy purchases without having to re-enter their credit card information every time. This convenience ultimately leads to increased customer satisfaction and loyalty. When customers have their card information stored on file, they're more likely to stay loyal to your brand and make repeat purchases.
For merchants, card-on-file transactions mean less effort required from the various teams in their company’s ecosystem to re-engage existing clients and customers.
For example, dedicated marketing teams can instead focus their efforts on expanding existing customer bases and amplifying brand presence to attract even more shoppers.
Card-on-file transactions do, as we’ve seen, come with a number of important benefits.
Yet there are also some drawbacks to consider before integrating card-on-file transactions into your payment strategy.
Every credit card comes with an expiration date, limiting the longevity of card-on-file payments.
This requires merchants to communicate with their customers periodically to ensure that the payment information stored on file is up-to-date, also adding the risk that customers will opt to forego providing their refreshed payment information when that time comes.
An account updater can be used to prevent this, though – and Checkout.com’s real-time account updater offers live credit and debit card updates to boost your conversion rates, drive down declines, and keep your recurring payments flowing smoothly and seamlessly.
Customers who have had their credit card information compromised or stolen may typically request chargebacks. If a customer disputes a charge, the merchant may be liable for the full amount of the charge, even if the customer has previously authorized recurring payments.
When a merchant stores a consumer's payment information, that information might become a target for hackers. If hackers can get the stored payment information, they can use it to make unauthorized charges.
For this reason, it's important for merchants to ensure measures have been taken to protect the stored payment information, such as encrypting it or storing it in a secure database. Using a payment service provider like Checkout.com, however, allows merchants to store and tokenize card details, thus removing this risk.
Yes, Checkout.com enables merchants to adopt card-on-file payments with secure payment technology to minimize potential risks. This enables them to implement an easy, frictionless, and more efficient checkout process without compromising security.
Discover how to implement card-on-file transactions with Checkout.com by reviewing our documentation.
We do. Checkout.com’s opt-in, managed tokenization solution allows you to effortlessly integrate tokens into your payments setup.
You’ll enjoy better authorization rates (by an average of 2.75%, according to American Express), enjoy more robust, reliable payment data security, and – because tokenized transactions come with lower interchange fees – save money, too. Plus, by offering your customers one-click payments and automatic card updates, you can reduce their cognitive load come checkout time: thus enabling a well-paved, pothole-free path to payment.
Our tokenization offering is also as flexible as your business needs it to be. Choose from a set-and-forget strategy handled by us, or take the reins yourself with our merchant-managed solution. Whichever you choose, our team will be on hand to support you from the get-go: working with you to identify and implement the right tokenization solution for your business.
Ready to start accepting tokenized card-on-file transactions – today?
Head to our network tokenization page to find out more, or get in touch with our team of experienced payment experts to start the conversation.