What is Recurring Billing?
Recurring billing is an automated payment model where a business charges a customer's payment method at regular intervals -- weekly, monthly, quarterly, or annually -- for ongoing products or services. It is the foundation of subscription-based business models.
What Is Recurring Billing?
Recurring billing is a payment model where a business automatically charges a customer at regular intervals -- weekly, monthly, quarterly, annually, or on any agreed schedule. Instead of invoicing the customer each time and waiting for manual payment, the business collects payment automatically using stored card details, a direct debit mandate, or another pre-authorised payment method.
This model underpins subscriptions, memberships, service contracts, instalment plans, and any arrangement where the customer agrees to ongoing payments. From streaming services and gym memberships to SaaS platforms and insurance premiums, recurring billing is now one of the most common payment structures in both consumer and business markets.
How Recurring Billing Works
The Setup
The customer provides their payment details once -- typically a card number or bank account details -- and authorises the business to charge them on a regular schedule. This authorisation is critical. For card payments, the business stores a tokenised version of the card (never the raw number) and submits charges against that token on each billing date. For direct debits, the customer signs a mandate giving the business permission to collect from their bank account.
The Billing Cycle
On each scheduled date, the billing system automatically initiates the payment. For card payments, this means submitting an authorisation request to the card issuer. For direct debits, it means submitting a collection request to the bank. If the payment succeeds, the customer's account is marked as current. If it fails, the system typically retries according to a configured schedule -- a process called dunning.
Failed Payment Handling
Failed payments are one of the biggest challenges in recurring billing. Cards expire, accounts run out of funds, and banks flag unusual activity. A well-designed recurring billing system handles this gracefully through:
- Automatic retries: retry the payment after a few days, as many failures are temporary (e.g., insufficient funds the day before payday)
- Card updater services: automatically update stored card details when a customer's card is replaced due to expiry or reissue
- Customer notifications: send emails or SMS messages prompting the customer to update their payment method
- Dunning sequences: escalating communications over days or weeks before suspending service
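The billing cycle and dunning flow described above, as an added example that is not part of the original page or Paytia's product: a scheduled charge that starts dunning on failure, daily retries only on scheduled dates with escalating notices, a card-updater hook that swaps in a replacement token, and suspension once the schedule is exhausted. The 3/7/14-day schedule, the notice wording and the `charge` callback standing in for the processor are all assumptions.

```python
from dataclasses import dataclass, field
from datetime import date, timedelta
from typing import Callable, Optional

# Constructed dunning schedule: retry this many days after the original
# failure, sending an escalating notice at each step (assumed values).
RETRY_SCHEDULE = ((3, "reminder"), (7, "warning"), (14, "final notice"))

@dataclass
class Subscription:
    token: str                       # provider token, never the raw card number
    status: str = "current"          # current | past_due | suspended
    failed_on: Optional[date] = None
    attempts: int = 0                # retries made since failed_on
    notices: list = field(default_factory=list)

def next_retry(sub: Subscription) -> Optional[date]:
    """Date of the next scheduled retry, or None once the schedule is exhausted."""
    if sub.failed_on is None or sub.attempts >= len(RETRY_SCHEDULE):
        return None
    return sub.failed_on + timedelta(days=RETRY_SCHEDULE[sub.attempts][0])

def update_card(sub: Subscription, new_token: str) -> None:
    """Card updater service supplied a replacement token after expiry/reissue."""
    sub.token = new_token

def bill(sub: Subscription, today: date, charge: Callable[[str, date], bool]) -> str:
    """Scheduled charge for a current subscription; starts dunning on failure.
    `charge(token, today)` stands in for the processor call (True = approved)."""
    if sub.status == "current" and not charge(sub.token, today):
        sub.status, sub.failed_on, sub.attempts = "past_due", today, 0
        sub.notices.append(f"{today}: payment failed, please update your card")
    return sub.status

def retry(sub: Subscription, today: date, charge: Callable[[str, date], bool]) -> str:
    """Run daily while past due: retries only on scheduled dates, escalates, suspends."""
    if sub.status != "past_due" or today != next_retry(sub):
        return sub.status
    if charge(sub.token, today):                     # recovered
        sub.status, sub.failed_on, sub.attempts = "current", None, 0
        sub.notices.append(f"{today}: payment recovered")
        return sub.status
    sub.notices.append(f"{today}: {RETRY_SCHEDULE[sub.attempts][1]}")
    sub.attempts += 1
    if next_retry(sub) is None:                      # schedule exhausted
        sub.status = "suspended"
    return sub.status
```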
Recurring Billing Methods
Card-on-File
The customer's tokenised card details are stored and charged automatically. This is the most common method for online subscriptions and SaaS products. Under PCI DSS, the card must be stored as a token, not in its raw form, and the merchant must comply with card-on-file requirements.
Direct Debit
The customer authorises collections from their bank account. In the UK, this is managed through the Bacs or Faster Payments systems. Direct debit tends to have lower failure rates than card-on-file because bank accounts do not expire the way cards do, and the fees are typically lower.
Standing Orders
Unlike direct debit, which is merchant-initiated, a standing order is set up and controlled by the customer through their bank. The amount is fixed, and changes require the customer to contact their bank. Standing orders offer less flexibility for the merchant but more control for the customer.
Recurring Billing and PCI DSS
If a business stores card details for recurring billing, those details are in scope for PCI DSS. This is why tokenisation is essential -- the business stores a token that references the card, not the card itself. The actual card data is held by the payment processor or tokenisation service provider, which is responsible for its security.
Businesses that handle their own card storage without proper tokenisation face the full weight of PCI DSS compliance requirements, including regular audits, penetration testing, and extensive network security controls. Using a PCI DSS-compliant payment provider for token storage dramatically reduces this burden.
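One practical control behind the card-on-file and tokenisation points above, as an added example that is not Paytia's code: a subscription store that only accepts provider tokens and refuses any value that looks like a raw card number (13-19 digits passing the Luhn check), so a PAN cannot silently land in the merchant's database and drag it into PCI DSS scope. The `tok_` prefix is an assumed provider convention, and `4111 1111 1111 1111` is the well-known test number, not a real card.

```python
import re

def luhn_valid(digits: str) -> bool:
    """Luhn check digit test used by card numbers (here only to spot a PAN)."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:           # double every second digit from the right
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0

def looks_like_pan(value: str) -> bool:
    """True if value is 13-19 digits (spaces/dashes allowed) passing Luhn."""
    digits = re.sub(r"[ -]", "", value)
    return digits.isdigit() and 13 <= len(digits) <= 19 and luhn_valid(digits)

class CardOnFileStore:
    """Subscription store that accepts provider tokens and refuses raw PANs.

    Assumes the tokenisation provider issues tokens with a fixed prefix
    (``tok_`` here, a constructed convention) that never pass the PAN check.
    """
    def __init__(self, token_prefix: str = "tok_"):
        self.token_prefix = token_prefix
        self._tokens: dict = {}

    def put(self, customer_id: str, value: str) -> None:
        if looks_like_pan(value):
            # A raw card number reaching this store would pull it into PCI scope.
            raise ValueError("refusing to store a raw card number; tokenise first")
        if not value.startswith(self.token_prefix):
            raise ValueError("value is not a recognised provider token")
        self._tokens[customer_id] = value

    def get(self, customer_id: str) -> str:
        return self._tokens[customer_id]
```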
Recurring Billing Over the Phone
Many recurring billing relationships start with a phone call. A customer calls to sign up for a service, and the agent needs to collect their card details to set up the first payment and store the token for future charges. This creates a PCI DSS challenge -- the agent is handling card data in the voice channel.
Secure telephone payment solutions address this by ensuring the initial card capture is handled without the agent seeing or hearing the card number. The customer enters their details on their phone keypad using DTMF masking, or completes the payment via a link sent to their phone. The token is created securely, and all subsequent recurring charges are processed automatically without any further card data exposure.
Subscription Management
Recurring billing is the payment component of subscription management, but the broader picture includes plan management (upgrades, downgrades, add-ons), prorated charges when changes happen mid-cycle, trial periods, pause and resume functionality, cancellation flows, and revenue recognition. Businesses with complex subscription models typically use dedicated subscription management platforms that integrate with their payment provider.
Key Metrics in Recurring Billing
- Churn rate: the percentage of subscribers who cancel in a given period
- Failed payment rate: the percentage of attempted charges that fail
- Recovery rate: the percentage of failed payments successfully recovered through retries or customer action
- Monthly recurring revenue (MRR): the predictable revenue generated each month from active subscriptions
- Lifetime value (LTV): the total revenue expected from a customer over the duration of their subscription
Paytia helps businesses set up recurring billing relationships securely, starting with the initial card capture. When a customer calls to sign up for a subscription or ongoing service, the agent can collect payment details using DTMF suppression -- the customer keys their card number on their phone keypad, and the agent never hears or sees the digits. The card is tokenised immediately and stored for future recurring charges.
Alternatively, the agent can send a payment link during the call, allowing the customer to enter their details on a secure hosted page. Either way, the initial setup is PCI DSS compliant, and all subsequent recurring payments are processed automatically through Paytia's Level 1 certified infrastructure.
Frequently Asked Questions
What is the difference between recurring billing and a subscription?
Recurring billing is the payment mechanism -- the automatic collection of money on a schedule. A subscription is the business model that recurring billing supports. Subscriptions include additional elements like plan management, upgrades, trials, and cancellation flows.
What happens when a recurring card payment fails?
The billing system typically retries the payment after a few days. If retries fail, the customer is notified and asked to update their payment method. Many systems also use card updater services to automatically refresh expired card details. This recovery process is called dunning.
Is card-on-file recurring billing PCI DSS compliant?
It can be, provided the card details are stored as tokens rather than raw card numbers. Most businesses use a PCI DSS-compliant payment provider to handle tokenisation and storage, which keeps the actual card data out of the merchant's environment and significantly reduces compliance scope.