Credential on File (CoF) payments

Copy for LLMView as Markdown

Credential-on-file (CoF) refers to a payment model in which a shopper authorizes a merchant or payment provider to store their payment credentials for future use. Subsequent payments can then be processed using tokenized stored credentials, without requiring the shopper to re-enter their details each time.

Common CoF payments include:

Recurring payments: Repeated charges where a shopper gives ongoing permission to charge their card or local payment methods for a product or service, for example, subscriptions, installments, usage‑based billing, or utility bills.
One-click checkout: Returning shopper pays in session with previously saved credentials.

In Airwallex, a CoF setup usually involves the following objects:

Customer: Identifies the shopper in your system and in Airwallex.
PaymentMethod: Tokenized representation of the card or local payment method credentials. Airwallex uses gateway tokenization to minimize your handling of sensitive card data, reducing PCI compliance requirements.
PaymentConsent: The payment agreement that defines how a stored credential may be reused.
PaymentIntent: Represents a specific payment you want to collect.

Together, these objects form the foundation for securely storing payment credentials and reusing them for future transactions.

How CoF payments work

CoF payments require the shopper to explicitly authorize you to store their payment credentials under a payment agreement, so you can securely reuse those credentials for later charges under that same agreement.

To build this flow correctly and to protect approval rates, liability, and compliance, you need to be explicit about how credentials are first saved (with or without an immediate payment), who triggers each payment, whether it's a first transaction or a later one in the series, and how recurring terms are represented in Airwallex objects and in the indicators you pass to card schemes and local payment providers.

Who triggers the payment with saved payment details?

Who triggers the payment, shopper vs merchant, determines whether the transaction is treated as customer-initiated transaction (CIT) or merchant-initiated transaction (MIT) and which Strong Customer Authentication (SCA) and 3D Secure (3DS) rules apply. You must correctly flag MIT/CIT indicators in your transaction request as this affects approval rates, liability, and compliance.

Customer-initiated transaction (CIT)

CIT is used when the shopper is in session and chooses to save credentials for future use, with or without a payment. For saved cards, the shopper may be required to enter their security code (CVC) for verification to complete the initial authorization.

A one-click checkout is a subsequent CIT where a returning shopper completes a purchase using previously stored payment credentials allowing faster checkout without re-entering card details.

CVC can be skipped when a card is converted to a network token. For more information, see Network tokenization.

CIT examples include one‑click checkout for returning shoppers, a shopper upgrading their SaaS plan in‑app or paying an invoice via an Airwallex-hosted payment page.

Merchant-initiated transaction (MIT)

MIT enables you as a merchant to initiate scheduled (recurring) or unscheduled (one-time) payments without the shopper involved, based on a prior agreement with the shopper. MIT requires a prior CIT where the shopper authorized credential storage. Once credentials are saved with shopper authorization, all subsequent MITs can be automatically processed using that original authorization.

MIT examples include subscription renewals, usage‑based top‑ups and post‑service charges, installment plan payments.

MITs can increase costs and risk because unclear subscription terms or delayed charges often lead to disputes. Setting up MITs is also subject to stricter controls, such as SCA, mandated by regulators and card scheme rules. For effective management of MITs, refer to the best practices guide.

Is it the first or a subsequent transaction in the series?

Schemes and regulators distinguish between the initial transaction that sets up the payment agreement and subsequent transactions that use it.

Initial transaction

The initial transaction sets up a new payment agreement and creates or verifies the credential‑on‑file (PaymentMethod) and the agreement (PaymentConsent).

If it's the shopper's first time saving payment details, the initial transaction must be a CIT with SCA/3DS authentication. If credentials were previously saved, the initial transaction for a new agreement can be either a CIT (shopper present) or an MIT (merchant-initiated with prior authorization).

There are two common scenarios for the initial transaction:

Zero-amount setup: Payment details are set up for future use without an immediate charge. Typical for onboarding or when subscription billing will begin later.
Payment with credential storage: Shopper makes a one-off purchase and opts in to save payment details as part of the checkout for future use.

Examples of initial transactions include first card save in a one-time checkout flow, first month of a subscription when the shopper agrees to auto-renew, or first installment of a payment plan.

Subsequent payments

Subsequent payments are later charges under the same agreement (renewals, future installments, top-ups). They usually run with less shopper friction if the initial transaction was correctly authenticated and flagged.

This distinction matters for how you populate CoF fields and when additional authentication may be required.

How are the payment agreement terms captured and represented?

To be compliant and maintain high approval rates, the payment agreement terms and recurring semantics must be captured and represented correctly to card schemes and local payment providers.

Clear checkout and subscription terms: Display subscription costs, frequency, and renewal/cancellation policies prominently before the shopper completes a transaction.
Correct indicators in payment objects: PaymentIntent metadata, PaymentConsent, local payment method specific fields.
Transparent communications and reminders: Send pre-renewal notifications several days before a subscription is due to renew.
Easy cancellation paths: Give shoppers a direct, unobstructed path to cancellation from their profile or billing management page.

For detailed guidance, see best practices for handling MITs.

To ensure you always have the most up-to-date card details for your shoppers, even if their card is renewed or replaced, Airwallex will automatically enable Network tokenization and Account Updater features for merchants using PaymentConsent.

Types of CoF payments

The following CoF payment types are available via Airwallex Payments and Airwallex Billing.

	Initial credential setup	One‑click checkout	Scheduled payments	Installment payments	Unscheduled payments	Subscriptions
Description	Initial in-session shopper authorization to save payment credentials, with or without an immediate payment.	Payment using previously saved credentials while the shopper is in session.	Recurring charges at fixed intervals with typically fixed amounts under a prior agreement.	Recurring charges that split one purchase into a fixed number of scheduled payments over a defined period.	Ad hoc charges where timing and amount are not fixed in advance.	Recurring charges for ongoing product/service access managed by Airwallex Billing (plans, trials, proration, dunning, and lifecycle) or your own subscription engine built on top of Airwallex Payments.
Use cases	First checkout where shopper opts to save credentials; subscription signup with mandate acceptance; account-on-file setup for future off-session charging.	Returning shoppers paying with a single click; upgrading a plan in app; paying an invoice with a saved card.	Memberships billed on a calendar, utility retainers, license renewals on a fixed cadence.	Retail or service purchases paid in n installments; Buy Now Pay Later (BNPL) plans you operate yourself.	Pay‑as‑you‑go APIs, metered usage, wallet top‑ups, delayed or add‑on charges after fulfilment.	SaaS or content/media subscriptions with trials, plan changes, and automated retry when cards fail.
Initiated by	Customer	Customer	Merchant	Merchant	Merchant	Merchant or Billing automation (MIT for renewals once the agreement exists)
Is shopper in the session?	Yes, the shopper actively confirms credential setup.	Yes, the shopper actively confirms the payment.	No for each renewal charge (off‑session MIT).	No for each installment (off‑session MIT).	No for each ad‑hoc charge (off‑session MIT).	No for typical renewals; shopper in session for signup, plan changes, or payment method updates.
Features	Captures explicit shopper consent to store credentials Can be zero-amount setup or setup with an immediate payment Establishes the basis for later one-click and MIT charges	Fast checkout May require CVC unless network tokenization applies Strong fit for conversion	Predictable billing cycle Align recurring fields and consent with scheme MIT rules	Fixed number of payments tied to one order Early payoff or cancellation patterns as you implement	Flexible amount and timing per charge Your backend controls when to debit	Trials, proration, dunning, and cancellation when using Billing Rich subscription objects and dashboards
Single order vs multiple orders	One setup event, optionally tied to a first order, that creates a reusable agreement.	Typically one order or invoice per checkout session.	Multiple charges over time; one ongoing agreement.	Single underlying order; multiple charges scheduled against it.	One or many agreements; each charge may map to different business events.	One subscription relationship; many billing cycles over time.
Payment period	Not applicable as a series—this is the setup step for future payments.	Not applicable as a series—each session is its own payment.	Often open‑ended until cancelled; may include a planned end date if you model it.	Yes—ends after the final installment with a clear end date.	No fixed schedule; agreement may run until terminated.	Per plan term; renews until cancelled or term ends; Billing tracks lifecycle.
Fixed vs variable schedule	N/A—shopper chooses when to pay.	N/A—shopper chooses when to pay.	Fixed interval between charges.	Fixed installment schedule until completion.	Variable—no fixed cadence between charges.	Fixed by billing period (for example monthly) unless you prorate or change plans.
Fixed vs variable amounts	Zero or variable initial amount depending on setup flow.	Variable per checkout (whatever the shopper agrees to pay).	Similar amounts each cycle; may allow minor drift if disclosed.	Usually fixed per installment or per your disclosed plan.	Variable per charge.	Set by plan and invoices; can change with upgrades/downgrades or usage components.
Product support	Hosted Payment Page: Drop-in Element: Embedded Elements: Native API: Mobile SDK: Hosted Billing Checkout:	Hosted Payment Page: Drop-in Element: Embedded Elements: Native API: Mobile SDK: Hosted Billing Checkout:	Hosted Payment Page: Drop-in Element: Embedded Elements: Native API: Mobile SDK: Hosted Billing Checkout:	Hosted Payment Page: Drop-in Element: Embedded Elements: Native API: Mobile SDK: Hosted Billing Checkout:	Hosted Payment Page: Drop-in Element: Embedded Elements: Native API: Mobile SDK: Hosted Billing Checkout:	Hosted Payment Page: Drop-in Element: (via Billing Customer API, Payment Source API, Subscription API) Embedded Elements: (same Billing objects) Native API: (same Billing objects) Mobile SDK: (same Billing objects) Hosted Billing Checkout: (Billing Checkout API)