A Checkout charge session can be created for a saved card (card-on-file). In this case the customer will not have to enter card details, but only have to go through Strong Customer Authentication (SCA). A card-on-file session can be used for payments with a saved card where the customer is present (Customer Initiated Transaction) to be compliant with PSD2. See https://blog.reepay.com/psd2-strong-customer-authentication/. Notice the contrast to Merchant Initiated Transaction.

To create a card-on-file charge session the argument card_on_file must be supplied when creating the session. The argument value is a stored card reference ca_xxx.... The customer provided in the order object with customer_handle must match the customer owning the saved card.

If a payment fails in the card-on-file session, an error will be reported either as Javascript callback for overlay and embedded, or as a HTTP query argument error on the cancel url in window mode. If the card-on-file fails, an alternative payment option could be presented to the customer. E.g. a new session without card-on-file.

CVV will by default not be required for charge sessions but will by default required for recurring sessions. It can be controlled using the parameter card_on_file_require_cvv.

Example API call to create a charge session with card-on-file:

curl -X POST \
  --url https://checkout-api.reepay.com/v1/session/charge \
  -u 'priv_xxxx:' \
  -H 'Accept: application/json' \
  -H 'Content-Type: application/json' \
  --data '{
    "card_on_file": "ca_11111111111111111111111111111111",
    "order": {
        "ordertext": "Awesome product",
        "handle": "order-12345",
        "amount": 10000,
        "customer_handle": "cust-0001"