What is 3RI?

Requestor Initiated Transactions (3RI) are transactions initiated by the merchant or requesting entity without the direct involvement of the cardholder at the time of purchase. These transactions are essential in scenarios such as recurring payments, deferred charges, subscriptions, and automated payment orders. Unlike traditional online transactions where the customer enters their credentials in real time, a 3RI transaction uses previously authenticated information to process payments securely and efficiently.

The following section describes the behavior of 3RI across the different components:

3RI Behavior with 3DS

Requestor Initiated Transactions (3RI) and 3D Secure (3DS) work together to ensure secure and frictionless payments. 3DS is used during the initial authentication of a transaction, allowing the card issuer to verify the cardholder’s identity through multiple authentication factors. Once authentication via 3DS is successfully completed during a subscription process, merchants can initiate future transactions using 3RI without requiring user intervention. This is particularly useful for recurring payments, subscriptions, and deferred transactions where the user is not present.

3RI transactions do not always require reauthentication. Card issuers can assess the risk of each payment and, in some cases, request new 3DS authentication if needed. This approach ensures secure payments while optimizing the user experience by reducing friction in repetitive or automated purchases.

3RI Behavior with Gateway

In this model, the merchant can initiate a transaction by sending a Gateway request that includes transaction data such as the previously authenticated payment token, amount, and currency. The payment provider receives the request, processes it, and forwards it to the card issuer, who evaluates the risk and decides whether to approve or decline the transaction. Depending on the risk level, the issuer may allow the transaction without additional authentication (frictionless) or may require 3DS validation.

3RI Behavior with WebCheckout

The integration of 3RI with WebCheckout allows merchants to securely process charges using a token without requiring user authentication for each transaction. This improves the payment experience and reduces fraud risk. During the subscription process that involves 3RI, a liability shift occurs once 3DS authentication is successfully completed, transferring responsibility for the authentication to the issuing bank.

• Subscription: Registering the Payment Method

  1. The customer accesses WebCheckout, completes the required information for the selected payment method, and proceeds with the subscription.
  
  2. The system authenticates the payment using 3D Secure (3DS), verifying the cardholder’s identity.
  
  3. If the payment is successful, the merchant stores a token associated with the customer’s card, and subscription details are displayed.
  

• Token-Based Payments
  When the merchant needs to process a charge without the customer’s involvement, WebCheckout:

  1. Initiates a 3RI payment request using the stored token.
  2. Sends the transaction to the card issuer.
  3. The issuer decides whether to approve or decline the transaction without requiring user authentication.
  4. The payment result is shown in the panel, with a trace indicating the use of 3RI.

3RI Behavior with the Panel

The panel allows visibility into the traceability of transactions processed through 3RI. The transaction detail view includes a marker within the additional data fields. This marker is significant, as it indicates the liability shift that occurs when 3RI is used during the transaction process, assigning responsibility for authentication to the issuing bank.

Flows with 3RI

The following diagrams illustrate the interaction of 3RI within the cardholder authentication flow during a subscription, as well as the payment flow within a transaction.