Skip to main content

Overview of support for stored credential transactions

Zuora

Overview of support for stored credential transactions

  1. Last updated
  2. Save as PDF

Introduction

To comply with the Stored Credential Transactions (SCTs) framework, Zuora has provided support for SCTs for specific payment methods and payment gateways since 2019. Since the 2023.07.R2 release in July 2023, Zuora has rolled out the automatic creation of stored credential profiles for Credit Card, Debit Card, Apple Pay and Google Pay payment methods. Zuora’s automatic creation of stored credential profiles is based on the assumption that you have a process in place to capture the agreement elsewhere from your customers.

For Payment Pages implemented through Direct POST to perform CITs within Zuora, you still need to implement a way for customers to give consent for their payment credentials to be stored on file, and then configure your Payment Pages to set the Direct POST fields for stored credentials.

For certain payment gateways such as Adyen, you must enable a specific setting at the gateway side to ensure the network transaction ID (NTI) is returned from the gateway to Zuora. For details, check Zuora's Overview article for the gateway and contact gateway's support.

New payment methods

For payment methods that are newly created through UI, API operations, or Payment Pages, the stored credential profiles including the NTI or equivalent will be created and activated for all supported card brands.

If you want the NTI to be added when creating a payment method, ensure that the Verify new payment method setting is enabled on the gateway instance configuration page. Otherwise, only an empty stored credential profile in Agreed status will be created.

If the Verify new payment method setting is enabled, a stored credential profile with the following properties is automatically created by Zuora.

Property Value Description
Profile action Activate

Zuora will send a cardholder-initiated transaction (CIT) to the payment gateway to validate the stored credential profile. If the CIT succeeds, the status of the stored credential profile will be Active. If the CIT does not succeed, Zuora will not create a stored credential profile.

If the payment gateway does not support the stored credential transaction framework, the status of the stored credential profile will be Agreed.
Profile type Recurring The stored credential profile can be used to process recurring but not unscheduled transactions.
Consent agreement source External Indicates that you have established the consent agreement with your customers through an external system outside of Zuora.

Existing payment methods

For existing payment methods that do not have an active stored credential profile, Zuora creates and activates stored credential profiles of the recurring type and stores the NTI that is returned from the gateway when processing payment transactions. The NTI can be returned from the gateway through either the Sharing NTI feature or the payment grandfathering process.

Sharing NTI

Zuora supports using the Network Transaction ID (NTI) generated by card networks, such as Visa and Mastercard, in payment processing on different payment gateways. For example, there is an Adyen 2.0 gateway instance and a Stripe v2 gateway instance on your tenant. An NTI generated by Visa is stored on a card that was successfully used with the Adyen gateway instance, while no NTI is stored from a transaction with the Stripe gateway instance. With this Sharing NTI feature enabled, when processing a payment via the Stripe gateway instance, Zuora will use the NTI stored from the transaction initiated through Adyen. If there is more than one sharing NTI on your tenant, the latest one will be used.

Note that this feature is not universally supported across all payment gateway integrations. The following gateway integrations support this feature:

  • Adyen Integration v2.0 
  • BlueSnap
  • Braintree
  • Chase Paymentech Orbital Gateway
  • CyberSource v2.0
  • Helix
  • Moneris
  • Saferpay
  • Stripe v2
  • Worldline Global Collect
  • Access Worldpay
  • Worldpay 1.4

The Sharing NTI feature is generally available in Sandbox environments. To enable it in Production environments, submit a request at Zuora Global Support.

Payment grandfathering

For cases that are not supported through the Sharing NTI feature, Zuora stores the NTI that is generated when performing payment grandfathering. The gateway uses an interim NTI to do payment grandfathering. In the case that the gateway no longer supports interim NTI values, the grandfathering period is over on the gateway end, so the payment grandfathering will fail and Zuora will not be able to retrieve the NTI. To stay in compliance with the Stored Credential regulation, Zuora must use the NTI that is retrieved from a successful authorization or payment on subsequent requests. If the grandfathering method does not work, the end-users must be brought back on-session to re-add their payment method details so that Zuora can retrieve and store the NTI.

Payment gateways

The following gateway integrations in Zuora support stored credential transactions.

Note that Chase Orbital Gateway integration supports both recurring and unscheduled stored credential transactions. The other integrations support only recurring stored credential transactions.

Payment gateway Visa Mastercard Discover American Express JCB Diners Club
Adyen Integration v2.0 File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png
BlueSnap Gateway File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png    
Braintree Gateway File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png  
Chase Paymentech Orbital Gateway File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png  
Checkout.com File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png
CyberSource, Payment API v2.0 File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png    
First Data Payeezy Gateway File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png    
Helix File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png   File:Z_Media/checkmarkGreen_xsm.png    
Merchant e-Solutions File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png      
Moneris File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png    
NMI File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png
Opayo Direct File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png  
PayPal Payflow File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png    
SaferPay File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png   File:Z_Media/checkmarkGreen_xsm.png
Stripe v2 File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png
Vantiv (Now Worldpay) File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png
Vantiv Payment Gateway, API v8.10 File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png      
Worldline Global Collect File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png
Access Worldpay File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png
Worldpay 1.4 File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png File:Z_Media/checkmarkGreen_xsm.png

If you use a gateway that is not in the preceding table, Zuora will process payments as usual, but the payments will not comply with the Stored Credential Transaction framework.

Payment methods

Zuora supports stored credential transactions for the following types of payment methods:

Payment method Payment gateway integrations that support SCTs for the payment method
Credit Card/Debit Card All payment gateway integrations listed in the Payment gateways section
Apple Pay
  • Chase Paymentech Orbital Gateway
  • CyberSource Payment API v2.0
  • Vantiv (Now Worldpay)
  • Stripe v2
  • Checkout.com - Only support generating stored credential profiles for Apple Pay when processing payments. Generating stored credential profiles for Apple Pay when creating payment methods is not supported.
Google Pay
  • Adyen Integration v2.0
  • Chase Paymentech Orbital Gateway

Stored credential profile status

  • Agreed - The stored credential profile has not been validated via an authorization transaction with the payment gateway.
  • Active - The stored credential profile has been validated via an authorization transaction with the payment gateway.
  • Canceled - The stored credentials are no longer valid, per a customer request. Zuora cannot use the stored credentials in transactions.
  • Expired - The stored credentials are no longer valid, per an expiration policy in the stored credential transaction framework. Zuora cannot use the stored credentials in transactions.

Stored credential profile types

Zuora supports the following types of stored credential profiles:

  • Recurring profile: Indicates that you have obtained the customer’s consent to initiate future transactions at regular intervals.
  • Unscheduled profile: Indicates that you have obtained the customer’s consent to initiate future transactions that do not occur on scheduled or regularly occurring transaction dates. Only one Unscheduled profile is allowed for each payment method. Currently, the Unscheduled profile is only supported in Chase Orbital Gateway integration.

When configuring your Zuora tenant, the goal is to contain an Active stored credential profile for the payment methods created on the preceding gateway instances.

View and manage stored credential profiles

Through the Zuora UI or API operations, you can view and manage the stored credential profiles created by Zuora or by yourself. For details, see Manage stored credential profiles.

Limitations

The stored credential profile with the “Unscheduled” type is only supported for Chase Orbital Gateway integration.

Related articles 

For general information about Visa's Stored Credential Transaction framework, see Visa's guidance for merchants.