A merchant-initiated transaction (MIT) allows you, the merchant, to take payments from your customer’s account without them having to take any further action.
For merchants, the great thing about MITs is that, because they are pre-agreed with a trusted customer, there’s limited risk of chargebacks or fraud.
So, let’s find out exactly how MITs work, how you can use them, and what makes them exempt from PSD2 authentication requirements.
An MIT is a payment that’s initiated by the seller on behalf of a customer without the need for additional cardholder authentication. Essentially, the merchant is able to debit the customer’s account without any involvement from the customer.
As the name suggests, the key difference between cardholder-initiated transactions (CITs) and MITs is that, with CITs, the customer has to initiate the payment by providing their card and payment details to the merchant. For MITs, once agreed and authenticated, the merchant can use the customer’s payment details for future payments without the customer having to take action every time.
Merchants can’t just take payments from their customers of any amount or frequency without permission. Any MIT must be agreed between the merchant and cardholder in advance. During the initial CIT, the merchant just needs to perform Strong Customer Authentication, (only applicable to Europe and UK), and identify the payment type as either ‘installment’ or ‘recurring’ to permit future MITs. They can then take payments of a fixed or variable amount for as long as necessary.
Most commonly, MITs take the form of a subscription, where a merchant continues to take regular payments from their customer for an ongoing product or service. The customer only ever needs to intervene if they want to cancel their subscription.
Learn more: One leg out transactions
Subscriptions are just one merchant initiated transaction example. There are many scenarios where MITs are extremely useful for merchants, including:
MITs are considered to be lower risk than CITs because they are pre-agreed and often recurring, which means it is unlikely that they’ll be fraudulent.
After the first transaction with a new customer, the merchant can be fairly confident that they are reliable and trustworthy, and that subsequent payments will be successful. Additionally, as the customer’s payment details have already been supplied and authorized for use, there’s no risk of them entering details incorrectly, making failed transactions and chargebacks less likely.
As long as certain conditions are met, MITs are out of scope of Strong Customer Authentication (SCA) requirements under PSD2, meaning merchant’s can take them without any further authentication.
SCA was designed to prevent fraudulent transactions by requiring customers to provide additional forms of identity authentication such as biometric data or a one-time password.
The conditions for SCA exemption are that:
Yes, Checkout.com does support MITs. Whether you want to accept installments or recurring payments for a subscription, with our payment processing solution, you can store card details and use them to process subsequent transactions without the cardholder being present.
Find out more about how to take MITs with Checkout.com.