Chaining of CIT/MIT transactions
The second Payment Services Directive (PSD2) introduced the need to authenticate the cardholder when initiating an e-commerce transaction.
- by the buyer:
CIT (Customer Initiated Transaction): buyer-initiated transaction with buyer interaction.
E.g.: payment (or card registration) that requires card data entry or cardholder authentication.
- or by the merchant:
MIT (Merchant Initiated Transaction): transaction initiated by the merchant, without the presence of the buyer, linked to an initial CIT transaction.
E.g.: umpteenth installment of a payment in installments or of a recurrent payment.
A new principle appears for the following transaction authentications: operation chaining.
In the context of a CIT transaction, regulations require a cardholder authentication. In response to the request for authorization or information, the issuer returns a unique transaction identifier, hereafter referred to as the “chaining reference”. This chaining reference is then used in the MIT transactions to indicate to the issuer that the transaction is part of a series of payments, for which the cardholder authenticated him or herself in the first payment.
Without this information, the issuer can refuse an MIT transaction for lack of authentication (soft decline).