Recurring billing for Continuity billing businesses.
Continuity billing is fundamental for businesses with ongoing service models. Cardflo provides a payment orchestration platform designed to enhance the reliability and efficiency of your recurring transactions.
Maximise revenue and reduce payment failures. Ensure uninterrupted service for your customers.
- Industry
- Continuity billing businesses
- Category
- Subscriptions
- Cardflo support
- Yes
The overview
Continuity billing represents a recurring revenue model where customers are charged at set intervals for ongoing access to products or services. In the payments stack, this function sits between the merchant application and the acquirer, requiring robust logic to manage Merchant Initiated Transactions (MIT).
Unlike one-off e-commerce sales, continuity models rely on the persistence of stored payment credentials and the ability to navigate varying authorisation requirements across multiple jurisdictions.
The technical infrastructure must handle specific transaction indicators, such as the initial Customer Initiated Transaction (CIT) followed by subsequent MITs, to remain compliant with Card Scheme rules.
Success in this vertical is measured by the ratio of successful settlements against total billing attempts, requiring precise management of decline codes and proactive credential maintenance.
Businesses must balance aggressive recovery tactics with the regulatory constraints of PSD2 and the technical demands of Strong Customer Authentication to maintain steady cash flow.
How it works
Initial Authorisation and Tokenisation
The process commences with an initial transaction where the cardholder provides explicit consent for future charges. The gateway captures the primary account number and performs a 3DS check to satisfy SCA requirements.
Once verified, the sensitive data is replaced with a secure token for use in subsequent billing cycles without further cardholder interaction.
Credential Life Cycle Management
To prevent declines caused by expired or replaced cards, the system queries card network services for updated information. Account updater tools provide the new expiry dates or card numbers directly from the issuer.
This background synchronisation ensures that the stored token remains valid for the next scheduled billing event.
Scheduled Batch Processing
On the predetermined billing date, the platform triggers a Merchant Initiated Transaction request to the acquirer. This request includes specific indicators that signal a recurring relationship, which helps the issuer distinguish the charge from potential fraud.
The transaction is then routed through the gateway to the appropriate clearing network.
Decline Analysis and Retries
If an authorisation fails, the system categorises the refusal as a soft or hard decline. Soft declines, such as temporary technical errors or insufficient funds, trigger automated retry logic based on historical data.
This avoids immediate service termination and gives the cardholder time to rectify temporary balance issues.
Why it matters
Reduced Involuntary Churn Rates
Involuntary churn occurs when a customer intends to remain subscribed but their payment fails due to technical or administrative reasons. By utilising active account updates and smart retry patterns, businesses can recover a significant portion of failed attempts.
This preserves the customer relationship and sustains long-term revenue without the high cost of re-acquiring lost users through marketing efforts.
Regulatory Compliance and Risk
Continuity models are under increased scrutiny regarding mandate management and cancellation policies. Proper handling of MIT flags ensures that issuers do not unnecessarily reject transactions for lacking SCA.
Maintaining a clear audit trail of the original authorisation helps defend against chargebacks and ensures the business adheres to evolving frameworks like PSD2 and the upcoming PSD3 standards.
Regulatory notes
PSD2 and MIT Compliance
Under the European Banking Authority guidelines for PSD2, recurring transactions must be clearly identified as MITs to qualify for SCA exemptions. Merchants must ensure that the initial agreement includes the purpose of the transaction and the estimated amount.
Failure to provide the correct 'trace ID' from the initial 3DS-authorised transaction can lead to immediate declines by EEA-based issuers.
Card Scheme Mandate Rules
Visa and Mastercard have specific rules regarding the disclosure of terms for continuity programs. Merchants are required to provide a simple way for customers to cancel their subscriptions online and must send notifications before a trial period expires or a significant price change occurs.
Non-compliance can result in fines and placement in high-risk monitoring programs.
Use cases
SaaS Subscription Platforms
Software providers use continuity billing to manage monthly or annual seat licences. This requires dynamic scaling of transaction amounts based on user count while maintaining the same underlying payment token.
Health and Wellness Clubs
Gyms and fitness centres rely on recurring payments to manage memberships. The system handles fixed monthly fees and can be adjusted for one-off charges like personal training without re-collecting card data.
Digital Media and Content
Streaming services utilise high-frequency continuity billing for large user bases. Localised routing helps reduce cross-border fees and improves authorisation rates across different geographic regions where issuers may have varying risk appetites.
Box Subscription Services
Physical product subscriptions require synchronisation between payment success and logistics. Billing must occur early enough to allow for inventory planning while managing the high volume of card updates required for long-term subscribers.
By the numbers
This range reflects typical recovery rates when implementing account updater services and basic retry logic for soft declines compared to no recovery strategy.
Typical uplift observed by merchants who correctly implement network tokens and MIT indicators versus legacy transaction flagging methods.
The industry-standard success rate for the first retry attempt on soft declines, depending on the merchant category and regional issuer behaviour.
Related terms
Book a scoping call to see how Cardflo would set you up.
What's included.
- Automatic synchronisation with card scheme account updater services to maintain valid payment credentials
- Sophisticated classification of decline reason codes to distinguish between soft and hard payment failures
- Deployment of intelligent retry logic based on optimal timing for specific card issuer behaviour
- Support for Merchant Initiated Transaction indicators to comply with global card scheme requirements
- Tokenisation of sensitive data to minimise PCI-DSS scope while enabling frictionless recurring billing cycles
- Smart routing across multiple acquirers to mitigate the impact of local gateway outages
- Detailed reporting on recovery rates and the financial impact of automated dunning processes
- Flexible mandate management to handle changes in subscription pricing without requiring customer re-authentication
- Advanced fraud screening tailored to the unique risk profiles of high-frequency continuity models
- Multi-currency support for global continuity operations to reduce foreign exchange costs for international subscribers
Talk to an acquiring specialist about your MID setup.
Common questions.
How does the system handle SCA requirements for recurring payments?
Strong Customer Authentication is typically required for the first transaction in a series, known as the Customer Initiated Transaction (CIT). The system performs 3D Secure verification at this stage.
Subsequent payments are flagged as Merchant Initiated Transactions (MITs) using the original transaction ID as a reference.
This allows for an exemption from SCA under current PSD2 rules, provided the amount remains within the scope of the original mandate or follows a consistent recurring pattern that the issuer recognises.
What is the difference between a soft decline and a hard decline in continuity billing?
A soft decline indicates a temporary issue, such as 'insufficient funds' or a 'technical error', where a subsequent attempt might succeed. A hard decline, such as 'lost or stolen card' or 'account closed', indicates a permanent failure.
For continuity businesses, distinguishing these is vital; soft declines should be queued for a retry, whereas hard declines should trigger an immediate notification to the customer to provide a new payment method to avoid service interruption.
How frequently should a failed recurring transaction be retried?
Retry frequency should be data-driven rather than arbitrary. Industry practice suggests that retrying 3 to 5 times over a 14 to 21-day period is often effective.
The timing is often aligned with common payroll cycles or specific days of the week when cardholders are more likely to have sufficient funds. Over-retrying can lead to excessive scheme fees and potential monitoring by card networks, so the strategy must be carefully calibrated.
Can account updater services completely eliminate expired card declines?
While account updater services significantly reduce declines, they cannot eliminate them entirely. Not all participating banks support real-time updates, and some cardholders may choose to close accounts rather than just replace a card.
However, for major issuers, these services provide a reliable way to obtain new PANs and expiry dates automatically, ensuring that the continuity of service is not broken by administrative expiration dates.
Why is tokenisation preferred over storing raw card data for subscriptions?
Tokenisation is a security requirement that replaces the Primary Account Number with a non-sensitive string. This reduces the merchant's PCI-DSS compliance burden and protects the business in the event of a data breach.
In a continuity model, tokens allow the merchant to initiate billing cycles securely. Network tokens provide an even higher level of security by being domain-specific, which can lead to higher authorisation rates from issuers who trust the enhanced security.
What role does the MCC play in continuity billing success?
The Merchant Category Code (MCC) identifies the type of business to the issuer. Certain MCCs are associated with higher risk or higher chargeback rates, which can lead to stricter fraud filters.
Ensuring the business is correctly categorised and using the appropriate transaction flags for 'recurring' services allows the issuer’s risk engine to apply the correct logic, often resulting in more favourable authorisation behaviour compared to misclassified transactions.
Ready for velocity?
Tell us about your business. We'll match you with the right acquiring partners and the right route, typically inside a week.
