Stored Credentials
Stored credentials - also referred to as Credential-on-File (COF) - allow merchants to securely reuse a shopper's payment details for future transactions.
Instead of handling raw credentials, Nopan issues payment tokens, which are opaque references tied to the original shopper authorization. These tokens can be reused for recurring billing, one-click purchases, and refunds, while keeping sensitive data secure and compliant.
Key concepts
- First Payment: Shopper provides credentials (e.g., phone number, code, app approval).
- Token Issued: Nopan creates a secure, opaque paymentToken.
- Subsequent Use: Merchants use the token instead of raw details for MITs, refunds, or adjustments.
Flow Overview
Benefits
- Enhances security by avoiding direct storage of potentially sensitive credentials.
- Ensures compliance with PSD2, PCI DSS, and scheme-specific mandates.
- Supports seamless UX for recurring billing, one-click purchases, and retries.
- Tokens are scoped to a specific merchant and environment, ensuring they cannot be reused across different merchants or sandboxes.
Integration Scenarios
- Recurring Payments (MIT): Charge the shopper monthly using a stored token.
- One-Click Purchases: Shopper confirms with minimal friction using previously stored credentials.
- Refunds & Adjustments: Use the same token to issue funds back.
Stored Credentials at a glance
| Dimension | Stored Credentials |
| --- | --- |
| Definition | A credential or mandate created during a successful CIT transaction and stored for future use. |
| Trigger | Stored credentials are created as a by-product of a successful CIT flow. They are later referenced when the merchant initiates an MIT. |
| Shopper presence | Not required for subsequent payments, since consent was captured during the original CIT. |
| SCA | Strong Customer Authentication. Performed during the first CIT transaction. Subsequent MITs may be exempt depending on scheme rules. |
| Typical use cases | One-click checkout, recurring billing, subscription renewals, stored payment mandates. |
| Initiation endpoint | Credential is first created with /payments/initiate + /payments/finalize. Then reused via /payments/charge. |
| Validity | Stored credentials remain valid until revoked by the shopper or merchant, expired by the scheme, or replaced during shopper re-authentication. |
Best Practices
- Use payerId and paymentToken consistently in MIT flows.
- Respect token expiry rules and re-initiate mandates when required.
- Log token usage for observability and compliance audits.
- Do not share tokens across environments (sandbox vs production).
- Always associate stored tokens with your internal shopper ID to manage lifecycle events (renewals, cancellations, expiries).
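
A merchant-side sketch of the practices listed above, added here as an example and not taken from Nopan's SDK or documentation: a small in-memory vault that binds each token to an internal shopper ID, rejects tokens from another environment, refuses revoked or expired tokens, and logs a token fingerprint instead of the token. The class, field and logger names are hypothetical, and the merchant-tracked `expires_at` field is an assumption; only `payerId` and `paymentToken` come from the page.

```python
import hashlib
import logging
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Optional

log = logging.getLogger("token_audit")

class TokenUnavailable(Exception):
    """No usable stored credential: the shopper must go through a new CIT."""

@dataclass
class StoredCredential:
    shopper_id: str       # merchant's internal shopper ID (hypothetical name)
    environment: str      # "sandbox" or "production"
    payer_id: str
    payment_token: str
    expires_at: Optional[datetime] = None  # assumption: expiry tracked by the merchant
    revoked: bool = False

def fingerprint(token: str) -> str:
    """Truncated SHA-256 so audit logs can correlate usage without holding the token."""
    return hashlib.sha256(token.encode()).hexdigest()[:12]

class TokenVault:
    def __init__(self, environment: str):
        self.environment = environment
        self._by_shopper = {}

    def store(self, cred: StoredCredential) -> None:
        if cred.environment != self.environment:
            raise ValueError("token issued in a different environment")
        self._by_shopper[cred.shopper_id] = cred  # re-authentication replaces the old token

    def revoke(self, shopper_id: str) -> None:
        if shopper_id in self._by_shopper:
            self._by_shopper[shopper_id].revoked = True

    def for_mit(self, shopper_id: str, now: Optional[datetime] = None) -> dict:
        """Return the payerId/paymentToken pair for an MIT, or raise TokenUnavailable."""
        now = now or datetime.now(timezone.utc)
        cred = self._by_shopper.get(shopper_id)
        if cred is None or cred.revoked or (cred.expires_at and cred.expires_at <= now):
            raise TokenUnavailable(shopper_id)
        log.info("mit_token_used shopper=%s token_fp=%s env=%s",
                 shopper_id, fingerprint(cred.payment_token), self.environment)
        return {"payerId": cred.payer_id, "paymentToken": cred.payment_token}
```

In a real integration the dictionary would be backed by an encrypted datastore, and the remaining fields of the /payments/charge request, which this page does not list, would be added by the caller.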