Capture delay longer than the authorization validity period
Simplified diagram
On the day of the order:
- The merchant site submits a payment request.
- The payment gateway initiates the cardholder’s authentication process with
the issuer. The regulation imposes cardholder authentication for all CIT transactions.
- Once the authentication (challenge or frictionless) is completed, the gateway proceeds to an information request by providing the cardholder’s authentication details.
- The issuer generates a unique transaction identifier and transmits it in the response to the registration request.
- The payment gateway notifies the merchant website about the information request result.
Before submission:
- If no action is taken for the transaction, the authorization request is made on D-1 before the requested capture date.
If it is sent before the initial capture delay expires, the merchant modifies the capture date to D.
The payment gateway performs an authorization request, providing the initial transaction identifier (ITC) as a chaining reference.
- The issuer recognizes the transaction as an MIT that is part of a series of payments for which the cardholder has previously authenticated themselves.
The transaction will not be rejected for lack of authentication (soft decline).
- If the merchant has enabled the Instant Payment Notification URL on batch authorization notification rule, the gateway notifies the merchant site of the payment result.
If the authorization
request is made in the 30 days after the authentication, the merchant can benefit from
liability shift.
The payment might be accepted or refused. Therefore, the merchant must be extremely attentive with this payment type and make sure to deliver the items/services to the buyer.
