Restaurant Credential on File Transactions

Credential on file transactions occur when a cardholder gives express permission to the merchant to store their payment credentials for use on a future purchase.

The COF transaction category introduces 2 transaction types:

  • Scheduled COF
  • Unscheduled COF

These types of transactions also update card brand rules, including merchant disclosure requirements.

The stored credential transaction category covers all COF transactions, including:

  • Cardholder-initiated stored credential transactions - no fixed schedule.
  • Industry Specific (delayed, no-show, incremental).

note

While Credential on File integrations are not third party processor specific, if a merchant changes third party processor with already established Credentials on File, it is advised that the merchant re-establish those Credentials on File with the new third party processor. 

Restaurant COF and Related Transaction Scenarios

Restaurant credential file transactions are indicated by Fields 0723, 0738, 0047 - position 5, and 0054.

Establishing a Credential on File

Cardholder and Merchant agree to establish a Credential on File at a Restaurant and perform the initial sale or authorization transaction. The COF may be used for future transactions initiated by the cardholder or merchant for payment of meals or services.

Example: Cardholder purchases a meal at a restaurant and agrees to place their card on file with the merchant for future take out or delivery meals.

  • Transaction Types - Sale (02), Auth Only (01), Zero-dollar Auth Only (01)
  • 0723 - F (First Payment to Establish Credential on file)
  • Field 0738 - Not Present
  • 0047 Position 5 - Appropriate Value
  • 0054 - As Entered
  • Initiated By - Cardholder
  • Reason COF Established - Unscheduled

Using a Credential on File

  • Merchant initiates a payment for a meal or service using the established COF based on a standing arrangement with the Cardholder.

    Example: Merchant performs a transaction for a weekly food delivery to the cardholder.

    • Transaction Types - Sale (02), Auth Only (01)
    • 0723 - S (Subsequent Payment)
    • Field 0738 - Value from Original Transaction Response
    • 0047 Position 5 - A
    • 0054 - 01
    • Initiated By - Merchant
    • Reason COF Established - Unscheduled

  • Cardholder initiates a single purchase using the established COF.

    Example: Cardholder purchases a meal for delivery from the restaurant

    • Transaction Types - Sale (02), Auth Only (01)
    • 0723 - U (Unscheduled Payment)
    • Field 0738 - Value from Original Transaction Response
    • 0047 Position 5 - A
    • 0054 - 01
    • Initiated By - Cardholder
    • Reason COF Established - Unscheduled

  • Cardholder or Merchant initiates a Return Transaction using the established COF.

    Example: Cardholder cancels an item from the meal after purchase was made and an amount is to be refunded.

    • Transaction Type - Return (09)
    • 0723 - U (Unscheduled Payment)
    • Field 0738 - Value from Original Transaction Response
    • 0047 Position 5 - A
    • 0054 - 01
    • Initiated By - Cardholder
    • Reason COF Established - Unscheduled

    Example: Merchant has overcharged for a previous meal purchased or service provided.

    • Transaction Type - Return (09)
    • 0723 - S (Subsequent Payment)
    • Field 0738 - Value from Original Transaction Response
    • 0047 Position 5 - A
    • 0054 - 01
    • Initiated By - Merchant
    • Reason COF Established - Unscheduled

  • Merchant initiates an Incremental Authorization.

    Example: Merchant requires an additional authorization amount for meal purchased or to add a tip, an incremental authorization is performed using the COF.

    • Transaction Type - Incremental Auth (75)
    • 0723 - S (Subsequent Payment)
    • Field 0738 - Value from Original Transaction Response
    • 0047 Position 5 - 4
    • 0054 - 01
    • Initiated By - Merchant
    • Reason COF Established - Unscheduled

  • Merchant initiates a Prior Authorization to complete a previous COF authorization only transaction.

    Example: Merchant needs to submit a prior authorization for a COF transaction as part of their End of Day process and initiate settlement.

    • Transaction Type - Prior Authorization (07)
    • 0723 - Same as initial Authorization Only (01)
    • Field 0738 - Value from Original Transaction Response
    • 0047 Position 5 - Same as initial Authorization Only (01)
    • 0054 - 01
    • Initiated By - Merchant
    • Reason COF Established - Same as initial Authorization Only (01)

  • Merchant initiates a Reversal or Void of a previous COF transaction.

    Examples:

    • Merchant needs to cancel a previous transaction, a void or full reversal is performed.

    • Merchant has over charged on previous authorization transaction, a partial authorization is performed.

      • Transaction Types - Full Reversal (61), Partial Reversal (76), Void Sale (11), Void Return (17)
      • 0723 - Same as original
      • Field 0738 - Value from Original Transaction Response
      • 0047 Position 5 - Same as original
      • 0054 - 01
      • Initiated By - Same as original
      • Reason COF Established - Same as original

POS Data Code - Field 0047 Position 5 – Cardholder Presence

Cardholder Present Value:

  • 0 = Cardholder present

Cardholder Not Present Values:

  • 1 = Cardholder not present (reason not specified)
  • 2 = Cardholder not present, mail order
  • 3 = Cardholder not present, telephone order
  • 4 = Cardholder not present, Industry Practice
  • 5 = Cardholder not present, eCommerce
  • A = Cardholder not present, Standing Authorization - Unscheduled
  • 9 = Cardholder not present, Standing Authorization – Recurring or Installment

POS Entry Mode - Field 0054

Entry Mode of the Transaction:

  • 01 = Manual/Key Entry
  • 05 = EMV
  • 07 = Contactless Chip Card
  • 80 = EMV fall back to swipe
  • 90 = Magnetic Stripe
  • 91 = Contactless Mag Stripe

Compliance Data Value - Field 0738

  • This field contains the compliance data required to process Credential on File transactions. The value is returned in the API response of the transaction that established the COF. This value must be retained by the merchant POS.

  • The stored value must be provided on in the API request by the POS on all transactions using the COF.

When Establishing a COF

  • API Request – Not Present

  • API Response – Compliance Data Value - Merchant POS must retain for all transactions using a COF

When Using a COF

  • API Request - Compliance Data Value retained from field 0738 of the Original Authorization Transaction Response when the COF was Established.

  • API Response - Compliance Data Value – Possibly a different value from the request – merchant does not need to store this value.

important

When attempting to establish a COF, if a value is not returned in field 0738, the response the COF was not established. In this case, the merchant must treat this and any future transactions for this card as non COF transactions, as such do not send 0723 and 0738 on those future transactions.