Recurring Payment

Recurring payments are operationally more complex than one-off transactions because they combine credential storage, scheduled execution, failure handling, and consumer protection rules — each of which differs substantially between card and bank-based rails. Merchants running subscriptions at scale need to understand both dimensions.

Card Recurring

Card-based recurring billing works through merchant-initiated transactions (MIT): the merchant stores a card credential (or token) at initial setup, anchors a Strong Customer Authentication (SCA) event at first payment, and charges the stored credential on subsequent billing dates without cardholder involvement.

Key operational variables:

• Auth rate: MIT recurring transactions have structurally lower authorization rates than cardholder-initiated payments (~89–93% vs ~96–98%) because issuers apply more conservative rules to merchant-triggered charges
• Retry logic: Failed recurring charges require intelligent retry — hard declines (lost/stolen, invalid account) should not be retried; soft declines (insufficient funds) may succeed on retry within 7–30 days
• Card expiry: Cards expire. Network tokens mitigate this by updating credentials automatically; vault tokens require Account Updater services to refresh expiry dates
• Chargeback exposure: Cardholders can dispute recurring charges as “transaction not recognised” or “cancelled subscription” — chargeback reason codes 4853/4854 (Visa), 4853 (Mastercard). Merchants must maintain cancellation evidence

Bank Rail Recurring

Bank-based recurring payments use mandate architectures — the customer authorises a pull debit relationship at setup; the bank executes subsequent debits under that mandate.

SEPA Direct Debit (SDD): Used across the 36-country SEPA zone. Customers sign a mandate; merchant collects on schedule with 5-day notice for the first debit, 2-day for subsequent. Returns (R-transactions) are possible up to 8 weeks for consumers, 13 months for unauthorised claims.

UPI AutoPay (India): NPCI mandate framework for recurring debits from UPI-linked bank accounts. Mandate categories: one-time, daily, weekly, fortnightly, monthly, bi-monthly, quarterly, half-yearly, annual, as-presented. Pre-debit notification required ≥24 hours before each debit; transactions above ₹15,000 require per-transaction authentication.

Variable Recurring Payments / VRP (UK): Open banking mechanism for variable amount pull payments. No card scheme, no interchange. Customer authenticates once; merchant debits within consent limits. Full market coverage for commercial VRP expected by late 2026.

Pix Automático (Brazil): BCB’s scheduled pull debit via the Pix rail. Customers authorise at their bank; merchants initiate debits on schedule. Offers the cost structure of Pix (near-zero MDR) with subscription-like recurring mechanics.

Failure Handling

Recurring payment failure handling directly impacts revenue retention:

Rail	Typical failure rate	Primary causes	Retry window
Card MIT	7–15%	Expiry, insufficient funds, changed card	7–30 days
SEPA SDD	3–8%	Insufficient funds, mandate errors	1–5 days
UPI AutoPay	5–10%	Insufficient funds, deregistered UPI ID	24–48 hours
VRP	2–5% (projected)	Insufficient funds, revoked consent	Same-day retry

Dunning management — automated retry sequences with cardholder communication — is standard for card recurring. Bank rail failures are less amenable to retry because the mandate is the authorisation; a failed debit often signals the customer actively lacks funds rather than a technical failure.

Consumer Protection Asymmetry

Card recurring provides cardholders with strong chargeback rights. Bank mandate recurring (SDD, UPI AutoPay) provides refund rights but not chargeback. VRP and Pix Automático are still developing consumer protection frameworks. Operators should understand the dispute exposure profile of each rail they use, since the mix affects their chargeback ratio and dispute operations cost.