Logo

Customer-Initiated Transaction

CIT, on-session transaction, cardholder-initiated transaction

Reading time6 min

← Back to glossary

Customer-Initiated Transactions (CIT) are payment events where the cardholder is actively present and participating in the checkout process. These transactions occur when a customer manually enters their payment details or authenticates a stored card to complete a purchase. Because the buyer is present, these flows typically require stronger authentication methods to verify the user identity.

A Customer-Initiated Transaction is an active payment authorization triggered directly by a shopper during a live checkout session. It appears at the very beginning of the payment processing flow, setting the stage for subsequent recurring billing or tokenized payments. This classification matters operationally because it carries different authentication requirements, impacts liability shifts, and heavily influences the transaction approval rate.

What makes a transaction customer-initiated?

A transaction falls into this category when the buyer is actively participating in the checkout event. In payment industry terms, the customer is considered “on session.” This framework applies equally to physical retail and digital commerce environments.

For card-present environments, a CIT happens when a buyer taps, inserts, or swipes their physical card at a point-of-sale terminal. In digital channels, it occurs when a shopper types their credit card numbers into a checkout page, provides a security code, or completes a purchase using a digital wallet like Apple Pay or Google Pay.

Because the user is actively engaged and waiting for a response, payment gateways and acquiring banks expect strong evidence that the legitimate cardholder is making the request. This active presence allows merchants to trigger specific fraud checks, such as Address Verification Service (AVS) or Strong Customer Authentication (SCA) protocols like 3D Secure. These extra verification steps are only possible because the customer is sitting at the screen, ready to respond to bank prompts.

How does a Customer-Initiated Transaction work?

Understanding the exact sequence of a CIT helps clarify why certain payment failures happen and how technical teams can prevent them. When a customer clicks the buy button, the event follows a highly structured, synchronous path.

  • Initiation: The customer finalizes their cart and submits their payment details.
  • Authentication: The payment gateway evaluates risk and checks if extra verification is required. The buyer might be briefly redirected to their bank application to approve the charge or prompted to enter a one-time password sent via SMS.
  • Routing: The payment authorization is packaged with specific data elements indicating the customer is present, and then it is routed through the acquiring bank to the card networks.
  • Evaluation: The issuing bank receives the request, reviews the transaction data, checks the available account balance, and evaluates real-time fraud signals.
  • Response: The issuer sends back an issuer response indicating whether the purchase is approved or declined.
  • Resolution: If approved, the checkout completes successfully. If the transaction is declined, the merchant must immediately prompt the buyer to try another payment method.

This entire sequence happens in milliseconds. The specific data elements sent during this journey dictate how the issuing bank treats the request and whether the transaction succeeds.

Why do Customer-Initiated Transactions fail?

While having the customer on session generally improves trust, these transactions are still vulnerable to failure. When a payment declined message appears during a live checkout, it is usually tied to a few common categories.

The most frequent cause is insufficient funds or credit limit constraints on the customer side. However, technical friction also plays a major role. If an authentication step fails because a bank application times out, or if the user simply closes the browser window during a 3D Secure redirect, the payment drops out before reaching the issuer.

Additionally, strict fraud rules can cause checkout issues. If a legitimate customer is traveling internationally and attempts a large purchase, their issuing bank might return a transaction declined code out of caution. Because the user is still on the website, merchants have a brief window to ask them to call their bank or use a different card, but a failure at this stage still risks cart abandonment.

Customer-Initiated Transactions vs Merchant-Initiated Transactions

You cannot fully optimize a payment system without understanding the relationship between a CIT and a Merchant-Initiated Transaction (MIT). The primary difference comes down to who triggers the payment and whether the customer is physically or digitally present.

A CIT is triggered by the customer while they are actively looking at the payment screen. An MIT is triggered by the merchant billing infrastructure at a later date, long after the customer has left the application.

These two concepts are deeply connected. To process recurring billing or subscriptions securely, merchants must almost always process a CIT first. During this initial checkout interaction, the customer agrees to a billing mandate. The merchant then tokenizes the payment details and receives a unique network identifier from the card network. Future charges for that subscription are flagged as MITs, but they must reference the original CIT data to prove the customer gave permission in the first place.

How do these transactions impact payment optimization?

The way you handle on-session payments directly impacts both your revenue and your overall customer experience. Because the customer is actively waiting for a success or failure screen, the stakes for speed and reliability are incredibly high.

CITs generally experience a higher transaction approval rate than merchant-initiated flows. Issuing banks trust these transactions more because the buyer is actively passing security checks. Furthermore, when you successfully authenticate a user through protocols like 3D Secure, the liability for fraudulent chargebacks typically shifts from the merchant to the card issuer.

However, when a payment fails during a CIT, the recovery strategy looks very different than it does for background billing. If an issuer returns a card declined response while the customer is looking at the page, you cannot simply retry the transaction silently. Doing so might trigger duplicate charges or trip velocity fraud filters at the issuing bank. The correct approach is to instantly display a clear error message asking the buyer for a new payment method.

Platforms focused on payment optimization and intelligent retries of declined payment transactions, such as SmartRetry, primarily operate on MITs. When a merchant needs to retry failed payments to recover revenue, they are almost always dealing with off-session subscription payment issues where silent, algorithmic background retries are appropriate.

Despite this, the success of those future background retries depends entirely on the initial CIT. If the first customer-initiated interaction is properly authenticated, cleanly tokenized, and stored with the correct network identifiers, subsequent merchant-initiated retries will face significantly fewer payment issues. A perfectly executed customer-initiated transaction is the essential foundation for long-term payment recovery and recurring revenue health.

Frequently asked questions about this term

A customer-initiated transaction is a payment the cardholder actively starts during checkout while present on session, either in store or online.
The customer submits payment details, may complete authentication like 3D Secure, and the request is routed to the issuer for approval or decline in real time.
A CIT is triggered by the customer during checkout. An MIT is triggered later by the merchant, often for subscriptions or other off-session billing.
Common causes include insufficient funds, failed authentication, bank timeouts, or issuer fraud controls that decline a legitimate purchase.
They affect approval rates, authentication outcomes, liability shift, and the quality of tokenized payment data used for future merchant-initiated charges.

Share this article