In addition to exemptions, PSD2 outlines a number of transaction types that are deemed out of scope for Strong Customer Authentication (SCA). This means that, when flagged correctly, these transactions will not require 3D Secure 2 authentication or the use of an exemption.
Different types
The following table summarizes the different out-of-scope transaction types.
| Type | Description |
|---|---|
| Merchant-Initiated Transaction (MIT) |
Refers to a card payment made by a merchant without the customer being actively involved, as part of an agreement made during an initial customer-initiated transaction (CIT). MITs cover the following typical merchant use cases: Recurring - Transactions with a fixed amount but no fixed duration |
| Mail Order / Telephone Order (MOTO) | Transactions processed over the phone such as speaking to a customer and entering their card details into a virtual terminal or the customer interacting with an Interactive Voice Response system. |
| One-Leg Out | Transactions where one of the parties involved—either the merchant or the customer (specifically the card they are using)—is not domiciled or based in a country where PSD2 and SCA applies. |
| Anonymous Transactions | Customers do not need to complete SCA when an anonymous payment method is used, for example, a gift card. |
Next steps
Check out the following guides to learn how to correctly set up and flag out-of-scope transactions.
Learn how to set up an MIT and avoid unnecessary payment friction.
Learn how to flag a MOTO transaction both with and without card storage.