ProductsDeveloperSupport
Guides

Merchant Initiated Transactions (MIT)

Suggest Edits

Merchant-Initiated Transactions (MIT) are payments initiated by the merchant without cardholder being in a session.

In case you are located in European Economic Area impacted by rules of Payment Services Directive II (PSD2), such payments require that:

  1. Strong Customer Authentication (SCA) is applied to the first transaction or action mandating the merchant to initiate payment(s) and
  2. There is an agreement between the cardholder and the merchant for the provision of products or services and potential costs associated with these.

In case you would prefer to register your customer and save his credit card credentials on file, you are obliged to obtain cardholder’s consent by using SCA in your transaction request.

In order to achieve that, your cardholders must authenticate themselves during transaction processing, while still in session. PSD2 and scheme rules demand a 3-D Secure challenge flow to be performed in such case. All mentioned above needs to be indicated to the Gateway, so that proper flagging is applied in the authorization message.

The following XML document represent an example of a first Credentials-on-File (COF) transaction indicating 3DS requestor’s preference to challenge a cardholder:

<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope
    xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
    <SOAP-ENV:Header/>
    <SOAP-ENV:Body>
        <ns4:IPGApiOrderRequest
            xmlns:ns4="http://ipg-online.com/ipgapi/schemas/ipgapi"
            xmlns:ns2="http://ipg-online.com/ipgapi/schemas/v1"
            xmlns:ns3="http://ipg-online.com/ipgapi/schemas/a1">
            <ns2:Transaction>
                <ns2:CreditCardTxType>
                    <ns2:StoreId>1109950006</ns2:StoreId>
                    <ns2:Type>sale</ns2:Type>
                </ns2:CreditCardTxType>
                <ns2:CreditCardData>
                    <ns2:CardNumber>520474******2745</ns2:CardNumber>
                    <ns2:ExpMonth>12</ns2:ExpMonth>
                    <ns2:ExpYear>27</ns2:ExpYear>
                    <ns2:CardCodeValue>XXX</ns2:CardCodeValue>
                </ns2:CreditCardData>
                <ns2:CreditCard3DSecure>
<ns2:AuthenticateTransaction>true</ns2:AuthenticateTransaction>
<ns2:TermUrl>https://testwebshop/return</ns2:TermUrl>
<ns2:ThreeDSMethodNotificationURL>https://test</ns2:ThreeDSMethodNotificationURL>
<ns2:ThreeDSRequestorChallengeIndicator>04</ns2:ThreeDSRequestorChallengeIndicator>
							</ns2:CreditCard3DSecure>   			 
              <ns2:unscheduledCredentialOnFileType>FIRST</ns2:unscheduledCredentialOnFileType>
                <ns2:Payment>
                    <ns2:ChargeTotal>12.99</ns2:ChargeTotal>
                    <ns2:Currency>978</ns2:Currency>
                </ns2:Payment>
            </ns2:Transaction>
        </ns4:IPGApiOrderRequest>
    </SOAP-ENV:Body>
</SOAP-ENV:Envelope>


<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
   <SOAP-ENV:Header/>
   <SOAP-ENV:Body>
      <ipgapi:IPGApiOrderResponse 
xmlns:a1="http://ipg-online.com/ipgapi/schemas/a1" 
xmlns:ipgapi="http://ipg-online.com/ipgapi/schemas/ipgapi" 
xmlns:v1="http://ipg-online.com/ipgapi/schemas/v1">
<ipgapi:ApprovalCode>Y:527777:4589932541:YYYM:497437</ipgapi:ApprovalCode>
<ipgapi:AVSResponse>YYY</ipgapi:AVSResponse>
<ipgapi:Brand>MASTERCARD</ipgapi:Brand>
<ipgapi:Country>GBR</ipgapi:Country>
<ipgapi:CommercialServiceProvider>BOSMS</ipgapi:CommercialServiceProvider>
<ipgapi:OrderId>A-55e3fab0-be09-4fb4-a45b-a2e60f97c1ef</ipgapi:OrderId>
<ipgapi:IpgTransactionId>84589932541</ipgapi:IpgTransactionId>
<ipgapi:PaymentType>CREDITCARD</ipgapi:PaymentType>
<ipgapi:ProcessorApprovalCode>527777</ipgapi:ProcessorApprovalCode>
<ipgapi:ProcessorCCVResponse>M</ipgapi:ProcessorCCVResponse>        <ipgapi:ProcessorReferenceNumber>205415497437</ipgapi:ProcessorReferenceNumber>
<ipgapi:ProcessorResponseCode>00</ipgapi:ProcessorResponseCode>
<ipgapi:ProcessorResponseMessage>Functionperformederror-free</ipgapi:ProcessorResponseMessage>
<ipgapi:SchemeTransactionId>0223MCC599836</ipgapi:SchemeTransactionId>
<ipgapi:TDate>1645631609</ipgapi:TDate>
<ipgapi:TDateFormatted>2022.02.23 16:53:29 (CET)</ipgapi:TDateFormatted>
<ipgapi:TerminalID>80000860</ipgapi:TerminalID>
<ipgapi:TransactionResult>APPROVED</ipgapi:TransactionResult>
<ipgapi:TransactionTime>1645631609</ipgapi:TransactionTime>
<ipgapi:Secure3DResponse>
  <v1:ResponseCode3dSecure>1</v1:ResponseCode3dSecure>
</ipgapi:Secure3DResponse>
</ipgapi:IPGApiOrderResponse>
   </SOAP-ENV:Body>
</SOAP-ENV:Envelope>

After this request the transaction processing continues with EMV 3-D Secure flow and authorization is triggered automatically once the authentication has been successfully completed.

The API response you received after your customer got authenticated successfully contains also a SchemeTransactionId what must be submitted in your next MIT transaction request in ReferencedSchemeTransactionIdparameter. 

<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
   <SOAP-ENV:Header/>
   <SOAP-ENV:Body>
      <ipgapi:IPGApiOrderResponse 
xmlns:a1="http://ipg-online.com/ipgapi/schemas/a1" 
xmlns:ipgapi="http://ipg-online.com/ipgapi/schemas/ipgapi" 
xmlns:v1="http://ipg-online.com/ipgapi/schemas/v1">
<ipgapi:ApprovalCode>Y:527777:4589932541:YYYM:497437</ipgapi:ApprovalCode>
<ipgapi:AVSResponse>YYY</ipgapi:AVSResponse>
<ipgapi:Brand>MASTERCARD</ipgapi:Brand>
<ipgapi:Country>GBR</ipgapi:Country>
<ipgapi:CommercialServiceProvider>BOSMS</ipgapi:CommercialServiceProvider>
<ipgapi:OrderId>A-55e3fab0-be09-4fb4-a45b-a2e60f97c1ef</ipgapi:OrderId>
<ipgapi:IpgTransactionId>84589932541</ipgapi:IpgTransactionId>
<ipgapi:PaymentType>CREDITCARD</ipgapi:PaymentType>
<ipgapi:ProcessorApprovalCode>527777</ipgapi:ProcessorApprovalCode>
<ipgapi:ProcessorCCVResponse>M</ipgapi:ProcessorCCVResponse>        <ipgapi:ProcessorReferenceNumber>205415497437</ipgapi:ProcessorReferenceNumber>
<ipgapi:ProcessorResponseCode>00</ipgapi:ProcessorResponseCode>
<ipgapi:ProcessorResponseMessage>Functionperformederror-free</ipgapi:ProcessorResponseMessage>
<ipgapi:SchemeTransactionId>0223MCC599836</ipgapi:SchemeTransactionId>
<ipgapi:TDate>1645631609</ipgapi:TDate>
<ipgapi:TDateFormatted>2022.02.23 16:53:29 (CET)</ipgapi:TDateFormatted>
<ipgapi:TerminalID>80000860</ipgapi:TerminalID>
<ipgapi:TransactionResult>APPROVED</ipgapi:TransactionResult>
<ipgapi:TransactionTime>1645631609</ipgapi:TransactionTime>
<ipgapi:Secure3DResponse>
  <v1:ResponseCode3dSecure>1</v1:ResponseCode3dSecure>
</ipgapi:Secure3DResponse>
</ipgapi:IPGApiOrderResponse>
   </SOAP-ENV:Body>
</SOAP-ENV:Envelope>

After you completed the previous step successfully, you will be able to initiate an MIT transaction:

<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope
    xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
    <SOAP-ENV:Header/>
    <SOAP-ENV:Body>
        <ns4:IPGApiOrderRequest
            xmlns:ns4="http://ipg-online.com/ipgapi/schemas/ipgapi"
            xmlns:ns2="http://ipg-online.com/ipgapi/schemas/v1"
            xmlns:ns3="http://ipg-online.com/ipgapi/schemas/a1">
            <ns2:Transaction>
                <ns2:CreditCardTxType>
                    <ns2:StoreId>1109950006</ns2:StoreId>
                    <ns2:Type>sale</ns2:Type>
                </ns2:CreditCardTxType>
                <ns2:CreditCardData>
                    <ns2:CardNumber>52392*******002</ns2:CardNumber>
                    <ns2:ExpMonth>12</ns2:ExpMonth>
                    <ns2:ExpYear>27</ns2:ExpYear>
                    <ns2:CardCodeValue>XXX</ns2:CardCodeValue>
                </ns2:CreditCardData>   			 
              	<ns2:unscheduledCredentialOnFileType>MERCHANT_INITIATED</ns2:unscheduledCredentialOnFileType>
                <ns2:Payment>
                    <ns2:ChargeTotal>13.99</ns2:ChargeTotal>
                    <ns2:Currency>978</ns2:Currency>
                </ns2:Payment>
                <ns2:TransactionDetails>   			 
                  <ns2:ReferencedSchemeTransactionId>0223MCC599836</ns2:ReferencedSchemeTransactionId>   			
              </ns2:TransactionDetails>
            </ns2:Transaction>
        </ns4:IPGApiOrderRequest>
    </SOAP-ENV:Body>
</SOAP-ENV:Envelope>

📘

Please note, that the solution and examples described above are available only if you utilize Fiserv as your 3DS service provider and your store is setup accordingly.

Updated 14 days ago

API Products

Point of Sale

Developer

Resources

Contact Cookies Privacy Notice Legal

Copyright© 2024 Fiserv. All rights reserved.

First Data Europe Limited, is a subsidiary of Fiserv, Inc. and is trading as Fiserv. First Data Europe Limited, is a private limited company incorporated in England (Company Number 02012925) with a registered address at Janus House, Endeavour Drive, Basildon, Essex, SS14 3WF. First Data Europe Limited is authorised and regulated by the UK Financial Conduct Authority (FCA Register No. 582703; CCA No. 739230). All trademarks, service marks, and trade names referenced in this material are the property of their respective owners.

v1.11

Want a quick overview?