CITs and MITs
Card network rules based on who initiates a transaction.
Learn about card network rules based on who initiates a transaction.
The card networks divide card payments into two types, depending on whether the customer is participating in the payment flow: Customer-Initiated Transactions (CIT) and Merchant-Initiated Transactions (MIT).
Card networks assign different characteristics and requirements to transactions depending on whether they're customer-initiated or merchant-initiated. For example, a Visa transaction's authorization validity period varies depending on its type. The capture_before field on the charge object returned by the VINR API is the most reliable way to determine the authorization window for a specific charge.
Merchant-Initiated Transactions (MIT)Ask
An MIT is a transaction that you initiate without direct participation of your customer, based on a prior agreement with that customer authorizing you to store and use their credentials. For example, you operate a subscription-based business and your customer has consented to you collecting their future monthly payments using their credit card on file.
Compliance
When you save a customer's payment information, regardless of the reason, you are responsible for compliance with all applicable laws, regulations, and network rules. Include terms on your website or app that state how you save payment method details, and require customers to opt in before you save their payment information.
When you save a payment method, you can only use it for the specific purposes included in your terms. For example, if you want to automatically charge a saved payment method for future subscription renewals, you must first get explicit consent from the customer.
To charge customers when they are offline, include the following in your terms:
- The customer's agreement to your initiating a payment or a series of payments on their behalf for specified transactions.
- The anticipated timing and frequency of payments — for example, whether the charges are for scheduled instalments, subscription payments, or unscheduled top-ups.
- How you determine the payment amount.
- Your cancellation policy for any subscription services.
Keep a record of each customer's agreement to your terms.
Card brand changes
VINR's automatic card updates automatically refreshes saved cards when necessary, such as when a card expires or is re-issued. In some cases, an automatic update changes a card's brand — for example, from Visa to Mastercard. When a card's brand changes, you must prompt the cardholder to update their payment method.
When a card's brand changes, you cannot charge it for any MITs until you obtain a new cardholder agreement.
Identify card brand changes by listening for the payment_method.automatically_updated event and comparing the brand in previousAttributes with the brand on the updated card:
// POST /webhooks/vinr
const event = vinr.webhooks.verify(rawBody, req.headers['x-vinr-signature']);
if (event.type === 'payment_method.automatically_updated') {
const prevBrand = event.data.previousAttributes?.card?.brand;
const newBrand = event.data.object.card?.brand;
if (prevBrand && newBrand && prevBrand !== newBrand) {
// Brand changed — block future MITs and prompt the customer to re-agree
await flagForReAuthorization(event.data.object.customer);
}
}Customer-Initiated Transactions (CIT)Ask
CITs include all transactions where the cardholder is present and participating in the payment flow — for example, a customer manually placing an order on your website.
Standard checkout flows are CITs. Authentication requirements such as 3D Secure are applied based on transaction value, issuer rules, and VINR risk signals. Under SCA, European CITs above the regulatory threshold typically require the customer to authenticate.
See alsoAsk
Automatic card updates
How VINR refreshes saved card details when a bank re-issues a card.
Strong Customer Authentication
SCA requirements for European transactions under PSD2.
Manage payment methods
Save, update, and remove stored payment methods.
Last updated on
