opinion

Opportunities for Stored Credit Card Credentials

Opportunities for Stored Credit Card Credentials

Are you aware of how Visa interprets and processes recurring transactions relating to stored credentials?

What are stored credentials anyway? Visa defines them clearly: “A stored credential is information (including, but not limited to, an account number or payment token) that is stored by a merchant or its agent, a payment facilitator or a staged digital wallet operator to process future transactions.”

A video-on-demand (VOD) platform can charge a monthly membership and bill an additional fee for a one-time digital download.

Stored credentials are becoming very popular, especially for online merchants that have clients who purchase frequently (think of mega giants like Amazon) and you also may recognize the use of stored credentials in “freemium” online games that have micro billings and small charges. There is a wide range of potential applications for these types of transactions.

A video-on-demand (VOD) platform can charge a monthly membership and bill an additional fee for a one-time digital download. Cam platforms can store the card once, and the member can easily bill their card quickly and on demand for any amount they want (perhaps when their favorite model is online, and they might not have both hands available to punch in a credit card number).

Previously, Visa considered these payments to be no different than any other transaction. They were processed basically the same way and risk-assessed the same way, but it’s clear that these types of recurring transactions are different than a one-time charge. The inherent difference in a stored credential purchase is that there is a linked historical pattern related to them. The card processor can easily see that these transactions have been made and their trends. Every subsequent successful charge (in theory) reduces the risk related to subsequent charges.

According to the Visa guidelines, it is required that merchants appropriately categorize or label these transactions as stored credentials and recurring transactions. Furthermore, there are additional requirements when the card information is stored. Most importantly, merchants are required to overtly inform the cardholder that the card number is being stored for convenience and future transactions. Consent is a requirement, and usually achieved by using a checkbox on the order form that is not pre-filled.

Additionally, merchants must provide disclosure, notification and get consent when the merchant’s terms are updated. It is then required to appropriately label the future transactions with specific codes related to the type of transaction (such as subscription, installment, merchant-initiated transaction or a new purchase initiated by the cardholder). These unique transaction type codes are then provided to the gateway during those subsequent transactions.

In the payment-processing world, a perfect example of stored credentials is the MobiusPay Card Vault. Customers provide their card and billing details a single time and they are stored on our systems. The merchant never has to store these secure and private details. Through our streamlined platform, merchants are then able to process transactions on that card repeatedly without holding the raw billing data.

Stored credentials can be used at the direction of the cardholder or the merchant. Cardholder-initiated transactions (Visa calls these CITs) occur when the customer is activating a charge themselves, directly. This might be as simple as pushing a button. Alternatively, merchant-initiated transactions (an “MIT” in Visa lingo) is done autonomously by the merchant, perhaps as an automated monthly rebill by date, or topping up an account balance with funds or tokens.

These MITs are based on standing instructions by the cardholder (which is why customer consent and notification of changes in merchant terms is so important). Customers place a lot of trust in merchants related to stored credentials, and it’s vitally important to respect the cardholder to ensure that your business and merchant account not only survives but thrives as well.

Visa is intending to accomplish greater visibility of transaction risks, higher authorization approval rates (more sales for merchants), fewer customer complaints and an overall better cardholder experience. While it might be a bit of a hassle to update the required elements to comply with this move, it’s clear that this will benefit merchants in the long term.

We are always helping merchants ensure they are compliant and are taking full advantage of processing features to improve sales, it’s just part of the business consulting that is provided to all our clients. So even if you don’t quite understand or know what to do next, ask your merchant processor to help.

Jonathan Corona has 15 years of experience in the electronic payments industry. As MobiusPay’s EVP, Corona is primarily responsible for day-to-day operations as well as reviewing and advising merchants on a multitude of compliance standards set forth by the card associations. MobiusPay specializes in merchant accounts in the U.S., E.U. and Asia. Follow them @MobiusPay on Twitter, Facebook and IG.

Related:  

Copyright © 2025 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More Articles

profile

WIA Profile: Reba Rocket

As chief operating officer and chief marketing officer of Takedown Piracy, long at the forefront of intellectual property protection in adult entertainment, Rocket is dedicated to safeguarding the livelihoods of content creators and producers while fostering a more ethical and sustainable industry.

Women In Adult ·
opinion

Protecting Content Ownership Rights When Using AI

In today’s digital age, content producers have more tools at their disposal than ever before. Among these tools, artificial intelligence (AI) content generation has emerged as a game changer, enabling creators to produce high-quality content quickly and efficiently.

Corey D. Silverstein ·
opinion

How Payment Orchestration Can Help Your Business

An emerging payment solution is making waves in the merchant world: the payment orchestration platform (POP). It’s quickly gaining traction as a powerful tool for managing online payments — but questions abound.

Cathy Beardsley ·
opinion

Fine-Tuning Refund and Cancellation Policies

For adult websites, managing refunds and cancellations isn’t just about customer service. It’s a crucial factor in maintaining compliance with the regulations of payment processors and payment networks such as Visa and Mastercard.

Jonathan Corona ·
profile

WIA Profile: Laurel Bencomo

Born in Cambridge, England but raised in Spain, Laurel Bencomo initially chose to study business at the University of Barcelona simply because it felt familiar — both of her parents are entrepreneurs. She went on to earn a master’s degree in sales and marketing management at the EADA Business School, while working in events for a group of restaurants in Barcelona.

Women In Adult ·
profile

Gregory Dorcel on Building Upon His Brand's Signature Legacy

“Whether reflected in the storyline or the cast or even the locations, the entertainment we deliver is based on fantasy,” he elaborates. “Our business is not, and never has been, reality. People who are buying our content aren’t expecting reality, or direct contact with stars like you can have with OnlyFans,” he says.

Jeff Dana ·
opinion

How to Turn Card Brand Compliance Into Effective Marketing

In the adult sector, compliance is often treated as a gauntlet of mandatory checkboxes. While it’s true that those boxes need to be ticked and regulations must be followed, sites that view compliance strictly as a chore risk missing out on a bigger opportunity.

Jonathan Corona ·
opinion

A Look at the Latest AI Tools for Online Safety

One of the defining challenges for adult businesses is helping to combat the proliferation of illegal or nonconsensual content, as well as preventing minors from accessing inappropriate or harmful material — all the more so because companies or sites unable or unwilling to do so may expose themselves to significant penalties and put their users at risk.

Gavin Worrall ·
opinion

Know When to Drop Domains You Don't Need

Do you own too many domains? If so, you’re not alone. Like other things we accumulate, every registered domain means something to us. Sometimes a domain represents a dream project we have always wanted to do but have never quite gotten around to.

Juicy Jay ·
opinion

Understanding 'Indemnification' in Business Contracts

Clients frequently tell me that they didn’t understand — or sometimes, even read — certain portions of a contract because those sections appeared to be just “standard legalese.” They are referring, of course, to the specialized language used in legal documents, including contracts.

Corey D. Silverstein ·
Show More