When a customer provides their card details in person, online or over the phone — and then gives a business permission to store them and use them for future payments — it can benefit both parties across several use cases. But card-on-file transactions, as these payments are known, also have pitfalls and drawbacks if implemented poorly.
In this guide, we’ll look at how card-on-file transactions work, examples of where they can be used, benefits and drawbacks, as well as alternative payment methods you might want to consider.
What are card-on-file transactions?
A card-on-file transaction is any kind of payment where the cardholder has given their card payment details to a merchant so the merchant can store them securely for future payments.
This means the cardholder does not need to supply their details for every single transaction with the merchant. In contrast, cardholders do need to provide their details every time with one-off card payments.
How exactly do card-on-file transactions work?
To set up a card-on-file transaction, a business needs two things from the cardholder:
Card payment information: to store ‘on file’ and to used to carry out the transaction(s)
Authorisation: to make future payments, with the terms agreed upon by the customer
Businesses can collect payment information in-person at the point-of-sale (POS), over the phone, or when a shopper is paying online. With the rise in ecommerce, customers increasingly want seamless and instant payments for their online purchases.
The merchant should also clearly set out when and why they will take a payment using details stored on file. This agreement between merchant and customer will reduce the likelihood of unexpected transactions and dissatisfied customers.
Why do businesses need the card-on-file feature?
There are several uses for card-on-file transactions, which can generally be broken down into recurring purchases and one-off transactions.
If a business needs to collect payments on a repeat basis, storing card details on file can make the process much easier. Examples of recurring payments include:
Subscriptions: subscription services like Netflix and Spotify store details for card-on-file transactions, so they can collect regular payments from customers without interrupting their user experience.
Memberships: your gym, for example, may use card-on-file to collect your monthly membership payments.
Instalments: if you’re paying for something in instalments, the business collecting the payments could use card-on-file transactions until the balance is paid off.
Repeat purchase: card details stored on apps for ride hailing or food delivery allow you to use that service without giving your details every time you make an order.
Card-on-file isn’t just for recurring purchases. There are also times when it can be used for one-off transactions:
Fines/no shows: when you book a hotel or restaurant, you might have to pay a fine if you fail to show up for your reservation or cancel too late. Card-on-file can be used to collect the fee if that happens.
Upsells: a gym, for example, can use your stored card details if you want to buy add-ons like equipment.
What are the benefits of card-on-file transactions?
While each different use case gives different benefits to the business and consumer involved, there are a few key benefits of card-on-file transactions regardless of use case:
Less admin for your business
Payment admin can be a huge strain on any business, possibly leaving your team collecting payment details for every single transaction or chasing up payments that are overdue. Card-on-file can cut down that work significantly.
Smoother, faster experience for customers
Consumers don’t want to constantly input their card details every time they make a purchase. With card-on-file, customers can enjoy their subscription or membership services without having to worry about making manual monthly payments, as long as the card doesn't expire. Card-on-file can also speed up the order process for one-off transactions.
Improve cash flow
Cash flow is critical to the survival of every business — in the UK, 24% of businesses say late payments are a threat to their survival. Card-on-file transactions can ease this burden by making it easier to collect payments from customers on time.
Increase retention for recurring payments
If your business uses card-on-file transactions for subscriptions or memberships, it means customers aren’t presented with a choice to carry on or cancel their service for every regular payment. This helps increase retention and reduce customer churn.
What are the disadvantages of card-on-file transactions?
Cards still fail, expire and get stolen
Card payments fail up to 14% of the time. When payments fail as part of an online subscription, for example, it could leave the customer without their service.
And while card-on-file transactions allow a business to collect payments from a card in the future, you’ll need to update the details on file if the card expires or is stolen or lost. PSPs like Stripe have card updater features, which attempt to update details automatically, but it doesn’t always work.
Unexpected charges can leave customers unhappy
Any unexpected charge you make using a customer’s stored details could lead to them abandoning your service. Card issuers like Visa have rules for how you should communicate card-on-file transactions to customers, including detailing how you will use their stored details and notifying them if anything changes.
In the UK, continuous payment authorities (CPAs) — where a business stores card details and takes payments whenever they’re owed money — have come under scrutiny because of unscrupulous companies overcharging customers.
Stored payment information leaves you vulnerable to data breaches
While good data security practices such as encryption will reduce the likelihood of a breach, any data your business holds is still vulnerable to cyber criminals. The only way to be 100% secure against data breaches is to use a payment method that doesn’t require storing sensitive payment information.
Are there any alternatives to card-on-file transactions?
Card-on-file transactions are commonplace, but there are a few alternative payment methods available, particularly if you need to collect payments on a recurring basis:
1. Direct debit
Direct debits are a popular way for businesses to collect or ‘pull’ money directly from a customer’s bank account, based on a pre-agreed direct debit mandate. The direct debit guarantee protects customers from payments taken in defiance of the mandate, allowing them to get a full refund from their bank.
Direct debit is convenient and flexible for businesses. It can also be used to collect one-off payments and recurring payments of fixed or variable amounts.
The main downside of direct debit is that payments take three to five days to settle, making it a non-starter for services that need the first payment immediately.
2. Open banking variable recurring payments (VPRs)
Variable recurring payments (VRPs) are a new, instant and secure way for businesses to collect recurring payments from customers using open banking APIs. VRPs enable third party providers (TPPs) like TrueLayer, to initiate a series of payments at variable amounts and intervals with a customer’s consent. Unlike with card-on-file, customers can set up unlimited recurring payments by creating multiple VRP mandates that are bound to specific merchants.
The benefits of VRP include real-time settlement, lower transaction costs compared to card payments and the elimination of card fraud. VRPs don’t store customer credentials at all, and strong customer authentication (SCA) is baked in. And as VRP is tied to a bank account, it doesn’t expire until it’s revoked by the customer.