Mastercard announces support of new authorization procedures for Credential (Card) on File (COF)


Mastercard will require acquirers and merchants to support authorization and settlement changes to clearly identify subsequent credential on file (COF) transactions in an effort to improve authorization approvals.

Mastercard Credential on File changes will apply to both Primary Account Numbers (PAN) and token transactions.

  • These changes do not apply to merchants that do NOT store the consumers’ payment credential
  • Merchants must send the required authorization field to improve authorization approvals
  • Merchants that do not send the proper authorization indicator for credential on file transactions may receive declined authorization responses
  • Acquirers and merchants must ensure that required fields/values match from authorization to settlement when applicable
    • Unmatched values will result in interchange downgrades or reclasses
  • Apple Pay and Android Pay transactions are not considered credential on file
    • If the cardholder instructs the merchant to store their payment credential during an in-app or e-commerce transaction using the payment credential from their Apple Pay or Android Pay, this would be considered storage of a payment credential (token)

Additional details and technical requirements for support of Mastercard’s COF framework will be provided to merchants in a separate multi-network Credential on File document.


Get advantages for your business now