What are merchant initiated transactions & why are they considered low risk?
A merchant-initiated transaction (MIT) allows you, the merchant, to take payments from your customer’s account without them having to take any further action.
This makes it possible to accept a multitude of transaction types, including installments, delayed payments, and recurring payments for subscriptions.
For merchants, the great thing about MITs is that, because they are pre-agreed with a trusted customer, there’s limited risk of chargebacks or fraud.
So, let’s find out exactly how MITs work, how you can use them, and what makes them exempt from PSD2 authentication requirements.
What is a Merchant Initiated Transaction (MIT)
An MIT is a payment that’s initiated by the seller on behalf of a customer without the need for additional cardholder authentication. Essentially, the merchant is able to debit the customer’s account without any involvement from the customer.
Cardholder-Initiated Transactions vs Merchant-Initiated Transactions
As the name suggests, the key difference between cardholder-initiated transactions (CITs) and MITs is that, with CITs, the customer has to initiate the payment by providing their card and payment details to the merchant. For MITs, once agreed and authenticated, the merchant can use the customer’s payment details for future payments without the customer having to take action every time.
How do Merchant Initiated Transactions work?
Merchants can’t just take payments from their customers of any amount or frequency without permission. Any MIT must be agreed between the merchant and cardholder in advance. During the initial CIT, the merchant just needs to perform Strong Customer Authentication, (only applicable to Europe and UK), and identify the payment type as either ‘installment’ or ‘recurring’ to permit future MITs. They can then take payments of a fixed or variable amount for as long as necessary.
Most commonly, MITs take the form of a subscription, where a merchant continues to take regular payments from their customer for an ongoing product or service. The customer only ever needs to intervene if they want to cancel their subscription.
Merchant-Initiated Transaction Examples
Subscriptions are just one merchant initiated transaction example. There are many scenarios where MITs are extremely useful for merchants, including:
- One-off - an unscheduled payment of no fixed duration but for an agreed amount (e.g. to top up credit on a prepaid card)
- Prepayments - a tenant may authorize their landlord to take early, regular rent payment from their account
- Installments - installments are commonly used for buy now, pay later (BNPL) services, where a customer buys something expensive and pays off the balance in a series of fixed amount payments
- Penalty charge - if someone makes a restaurant reservation using their credit card and then fails to turn up, the establishment can charge them a no-show penalty fee
- Reauthorization - a purchase made after the completion of the original agreed amount or time. For example, for split or delayed shipments, or for extended car rentals or hotel stays
- Delayed charges - any charge that is billed to the customer at a future date, such as for a hotel minibar
Why are Merchant-Initiated Transactions considered low risk?
MITs are considered to be lower risk than CITs because they are pre-agreed and often recurring, which means it is unlikely that they’ll be fraudulent.
After the first transaction with a new customer, the merchant can be fairly confident that they are reliable and trustworthy, and that subsequent payments will be successful. Additionally, as the customer’s payment details have already been supplied and authorized for use, there’s no risk of them entering details incorrectly, making failed transactions and chargebacks less likely.
Merchant-Initiated Transactions SCA exemptions
As long as certain conditions are met, MITs are out of scope of Strong Customer Authentication (SCA) requirements under PSD2, meaning merchant’s can take them without any further authentication.
SCA was designed to prevent fraudulent transactions by requiring customers to provide additional forms of identity authentication such as biometric data or a one-time password.
The conditions for SCA exemption are that:
- The original CIT must have been authenticated with 3D Secure 2 (3DS2)
- Future transactions must contain Card on File (CoF) data to show that they’re authorized by the cardholder. When sending an MIT, a merchant should include the Trace ID, containing a reference to the CIT that was used to set up the MIT agreement. This is important, because from October 2023, MITs sent in Europe without a TraceID will be declined by the schemes.
Does Checkout.com support Merchant-Initiated Transactions?
Yes, Checkout.com does support MITs. Whether you want to accept installments or recurring payments for a subscription, with our payment processing solution, you can store card details and use them to process subsequent transactions without the cardholder being present.
Find out more about how to take MITs with Checkout.com.