Card-on-file transactions explained

Merchant-initiated card-on-file transactions

MITs are transactions that are initiated by the merchant rather than the cardholder. Consumers must have previously initiated a transaction with the merchant and given their consent for future use in order for merchants to initiate this type of transaction. Merchant Initiated Transactions usually are in the form of either one-time or recurring transactions.

MITs can be used for a variety of purposes, such as subscription services, club memberships, or even donations. Sometimes, MITs can also recoup funds that were previously charged back to the merchant. For example, if a customer cancels their subscription but doesn't provide sufficient notice, the merchant may initiate an MIT to recover the remaining balance.

Some examples of situations where an MIT would be appropriate include:

• When you have a subscription-based service
• When you offer membership-based services
• When you need to recoup funds that were previously charged back
• When you want to improve cash flow by having predictable payments coming in

Cardholder-initiated card-on-file transactions

CITs, on the other hand, represent transactions initiated by the consumer.

When a customer makes a purchase on a merchant’s website, they enter their credit card information into their payment gateway. The gateway then processes the payment and deposits the funds into the merchant account. The entire process is initiated and completed by the customer — with no action necessary from the merchant’s side.

Subscription-based businesses accepting recurring payments

Card-on-file transactions are particularly important for businesses that operate subscription services, where accepting recurring payments – every week, month, or year, for example – is crucial. These types of businesses could include:

• Streaming services, such as Netflix and Spotify
• Software-as-a-Service (SaaS) providers, such as Salesforce and Dropbox
• Subscription boxes, such as Birchbox and HelloFresh
• Fitness or social clubs, such as David Lloyd or Soho House

By storing your customers’ card details on file, you remove the need for them to have to re-enter their card details every time their subscription is up for renewal. This minimizes the likelihood of customer churn, and reduces checkout friction by removing one more barrier between them and the purchase.

You can further optimize your card-on-file transaction processing by utilizing a real-time account updater, which automatically refreshes the card details you have stored on file when they change (this could be due to the card expiring, or being replaced due to loss or theft).

Other ways subscription-based businesses can improve the recurring payments process is through picking a payment processor that – like Checkout.com – offers smart retries. This means that, should one of your subscribers’ payments fail, the system will automatically attempt the payment again (for a preset amount of times, in a preset period).

For more tips like this, delve into our guide to SaaS payments.

Ecommerce marketplaces

Ecommerce marketplace such as Amazon, Etsy, and eBay utilize card-on-file transactions to enable faster, more seamless payments.

Amazon’s 1-Click Payments, for example – or eBay’s immediate payment – allows customers to save their card after their first purchase. Then, when they come to buy again, they can forgo the usual lengthy rigmarole at the checkout (that is, having to enter their billing address, card details, and personal information), and simply click to checkout in seconds.

This boosts conversion rates, reduces cart abandonment, and makes for a clear, clutter-free checkout – and it’s something all ecommerce businesses can emulate. To find out how, explore our article dedicated to ecommerce payment processing.

Digital wallets

Digital wallets (such as Apple Pay, Google Pay, and Samsung Pay) enable merchants to accept payments with the credit and debit cards they have saved to their smart devices.

This process, which allows consumers to pay for goods and services in-store or online – through their smartphones, tablets, or smart watches – is made possible by a process called payment tokenization.

We’ll dive deeper into what tokenization is shortly, but broadly it’s a way of securing transactions by replacing a card’s most sensitive information – which includes its primary account number (PAN), expiry date, and CVV – with ‘tokens’. The tokens (which, in this context, are random strings of numbers that, since they have no intrinsic value, are indecipherable outside the system they belong to) are stored on the customer’s device.

This means that, when the customer comes to pay, they don’t even need their card on them. This is convenient for the customer, but – because they’ll typically need to biometrically verify their identity to make a payment – it’s also more secure than a typical tap ‘n’ go payment with a physical credit or debit card.

In-app payments

Card-on-file transactions are important for businesses that rely on in-app purchases.

Here, the ‘freemium’ model – where the app, despite being free to download and use, offers additional features only attainable by spending real money – is popular.

Apps offering in-app payments on a freemium basis could include:

• Gaming apps, such as Clash of Clans or The Simpsons: Tapped Out, which require money to unlock extra levels, access new characters, or purchase in-game currency.
• Dating apps such as Tinder or Hinge, which charge users for premium features such as unlimited swipes and the ability to see who liked their profile.
• Education apps such as Duolingo, which – though basic lessons are available for free – charge for more comprehensive content, such as in-depth lessons and study materials.

Card-on-file transactions allow users to make these purchases without even having to leave the app. By connecting seamlessly, in seconds, to the customer’s digital wallet, card-on-file transactions enable the customer to access their saved card, biometrically verify the payment, and continue playing – all with minimal interruption.

Travel and online bookings

Many hotels, airlines, and travel booking platforms (such as Booking.com and Airbnb) save their returning customers’ card details on file to enable faster, simpler future payments.

What’s more, the nature of the hospitality business means that hotels and restaurants often need to be sure that a customer is planning to follow through on their reservation – and to cover their own costs in the event of a no-show. Through card-on-file transactions, restaurants can store the card details of a diner when they make a reservation online, then charge them a fee if they don’t show up.

Similarly, hotels can save their guests’ card details on file, and use them to process additional payments (for breakfast, laundry, or the minibar service, for example) without the customer needing to be physically present to verify the transaction.

1. Increase sales

Perhaps the most apparent benefit of card-on-file transactions is that they can lead to increased sales.

When customers have their card information stored on file, they're more likely to make more purchases and more significant purchase amounts.

That's because they don't have to go through the hassle of reentering their credit card information every time they want to buy something, reducing cart abandonment rates drastically. The purchasing process would resemble a one-click checkout, which has proven to be very effective at maximizing conversion rates.

2. Improve cash flow

Card-on-file transactions enable merchants to develop new predictable business models – like subscriptions. They can then better predict their forecasted cash flow and plan accordingly. 

Recurring payment models like subscriptions and membership fees provide valuable insight to businesses in terms of projected revenues, enabling them to better plan for the future. To learn more, dive into our guide to recurring payments: explained.

3. Raise customer retention rates

Card-on-file transactions can also lead to improved customer retention rates, as they offer greater convenience.

Customers appreciate being able to make quick and easy purchases without having to re-enter their credit card information every time. This convenience ultimately leads to increased customer satisfaction and loyalty. When customers have their card information stored on file, they're more likely to stay loyal to your brand and make repeat purchases.

4. Optimize company operations

For merchants, card-on-file transactions mean less effort required from the various teams in their company’s ecosystem to re-engage existing clients and customers.

For example, dedicated marketing teams can instead focus their efforts on expanding existing customer bases and amplifying brand presence to attract even more shoppers.

1. Ensuring up-to-date payment details

Every credit card comes with an expiration date, limiting the longevity of card-on-file payments.

This requires merchants to communicate with their customers periodically to ensure that the payment information stored on file is up-to-date, also adding the risk that customers will opt to forego providing their refreshed payment information when that time comes.

An account updater can be used to prevent this, though – and Checkout.com’s real-time account updater offers live credit and debit card updates to boost your conversion rates, drive down declines, and keep your recurring payments flowing smoothly and seamlessly.

2. Higher risk of chargebacks

Customers who have had their credit card information compromised or stolen may typically request chargebacks. If a customer disputes a charge, the merchant may be liable for the full amount of the charge, even if the customer has previously authorized recurring payments. 

Rules around this, however, are changing in 2023 where some network tokenized card-on-file transactions will be able to benefit from liability shift.

3. Increased vulnerability to data hacks

When a merchant stores a consumer's payment information, that information might become a target for hackers. If hackers can get the stored payment information, they can use it to make unauthorized charges.

For this reason, it's important for merchants to ensure measures have been taken to protect the stored payment information, such as encrypting it or storing it in a secure database. Using a payment service provider like Checkout.com, however, allows merchants to store and tokenize card details, thus removing this risk.