#Wanna Leave You-3ds

I'll allow it :D. What's the Q?

hi again 😄
i've talked to you a few days ago

i would ask, does 3DS rules change or it happens that 3DS can be reissued for already set up cards?

3DS can be requested for any transaction if even the card was previously setup/authenticated, yes

in the last days we are experiencing lots of 3ds failed attempts, both on customers with new method and on old methods

Do you have an example payment I can see?

i have customer and several payment

just a momento

customer cus_L98ZMgU9Muj3BO has successfully performed almost 300 euros of transactions, yet his payment methods are now requesting the 3ds

i'm asking this because normally i would think the customer didn't authenticate, but it's not the only customer experiencing this, and we guess maybe something in the 3ds2 requests might not work well with our integrations

i was thinking also about the Radar rules, but it doesn't seem to be changed at all

Looking at cus_L98ZMgU9Muj3BO:

• https://dashboard.stripe.com/payments/pi_3LQqsyIwEQ1cVQGW2dHFXTfy
• The pm_xxx used for that payment has not been previously setup

customer cus_L98ZMgU9Muj3BO has successfully performed almost 300 euros of transactions, yet his payment methods are now requesting the 3ds
Sure, that can happen. The bank can determine if/when they request 3DS and your integration should account for that

yeah, this is because the customer detached the pm and reattached it again because he thought it might have some issues with the card

pi_3LQqLhIwEQ1cVQGW1S1TzmT6

this is the first pi of the customer that has failed, and the previous ones succeeded without error

Sure, that can happen. The bank can determine if/when they request 3DS and your integration should account for that

okay, but do you have any thoughts on why we are experiencing lots of 3ds requests sistemically?

Could be a number of reasons really. Perhaps the issuing bank has only just started to enforce SCA regulations

All we know is 3DS was requested by the bank on our initial payment attempt

okok then we'll investigate with the customer to understand better the issue

thank you for your time!

Why can they not complete 3DS?

actually i dont know, we we're monitoring and we have seen about 5 failed attempts, we'll now reach to the customer and ask if its a bank issue, or ours app issue

Are these off-session payments? Or is the customer in the checkout flow?

he is in the cechkout flow

Then how is your integration confirming the Payment Intent in the front-end?

and our app prompts the next_action url to the customer to complete the payment

mostly we work with redirect url, opened in browser

https://hooks.stripe.com this is the url we receive in the next action and to which we redirect

yet, from this on, we lose the feedback from the customer because he exits our app, and that's why we have to react him to understand the issue

You shouldn't do that

You should be using confirmPayment from Stripe.js

i kniw about that, but we are using a flutter mobile app, and stripe js is not integrable

we are using this to perform the 3ds flow https://pub.dev/packages/flutter_stripe

sorry about this, it was a bit misleading

How are you integrating, with the PaymentSheet? https://docs.page/flutter-stripe/flutter_stripe/sheet

no we create the payment intent server side, the app retrieves client secret from the server in the flow of the payment and uses it in the handleNextAction method, which prompts the next authentication steps

via the return url he is then returned to the app

Yeah, as explained you shouldn't do that

You need to use the payment UIs from the Flutter lib which automatically handles confirmation

do you have a link to the documentation for this or we have to use this ?

Flutter isn't an officially supported library I'm afraid

So that's the documentation

ok we'll try to change our integration, but you think this might be the problem we are havingwith the authentication?

Where is handleNextAction from?

it is a flutter_stripe method

Hmm, maybe it should work then. I don't know

But from the logs of those payments you've sent no 3DS auth attempt was made

yeah the library doesn't have so much documentation, as far as we've seen, 3ds flow correctly prompts and allows most users to authenticate

but we don't have any test using a 3DS2 method, with notifications or messages from the bank

if it can help, this is how we are setting the payment intent server side, in order to receive a redirect url instead of a 3ds

{ amount: amount, currency: currency, setup_future_usage: 'off_session', payment_method_types: ['card'], payment_method: paymentMethodId, confirmation_method: "automatic", confirm: true, customer: user.customer.id, use_stripe_sdk: false, return_url: "app://beagleplug.com", }

we set use_stripe_sdk to false to receive the url instead of any other authentication method

Hi! I'm taking over this thread.

Can you try to summarize your question while I catchup on that thread?

hi!

yeah the first question was about some payments that, even if the pm used were was set up for future payments and successfully authenticated, if was reissuing 3ds again, but failing multiple times

since we are experiencing this on several customers we are trying to inderstand if it is a more sistemic issue rather than a problem of the customer

even if the pm used were was set up for future payments and successfully authenticated, if was reissuing 3ds again
Is this in test mode or live mode?

later i've started talking with @restive orbit about our 3dds flow and what can cause these problems

live mode

Yes this can happen. Basically it's the bank that decide to require the 3DS or not or each payment. So even if you already saved a card on Stripe and went through 3DS once, it can still be requested afterwards. So that's something that your integration needs to handle.

yeah actually 3ds its requested to the customer on our app, through the flutter_stripe sdk, every time the status of the pi is requires_action

Yes when a PaymentIntent has status:requires_action, then it means the bank is requesting the 3DS flow.

what has come to mind talking to @restive orbit, referring to this message, is that we expect to receive normal 3DS requests, but those faults are because of a 3DS2 request

which through the library isnt actually handled

So you are saying that when using handleNextAction for 3DS2 it doesn't work? Do you get an error message?

no, unfortunately it is only a supposition

beacuse we don't know why the customer isn't authenticatiing

Can you share a PaymentIntent ID where that happened?

customer cus_L98ZMgU9Muj3BO, payment intent pi_3LQqLhIwEQ1cVQGW1S1TzmT6

with the same customer, the pi pi_3LO0TUIwEQ1cVQGW1ElR0gEP succeeded

and it has the same pm

just a few minutes ago, the payment intent pi_3LQrdtIwEQ1cVQGW2Ic4DPVK was successfully authenticated with 3ds2, perhaps the authentication flow is working correctly

so i guess it might be an error of the customer, or may it be a 3ds error of the bank?

Sorry for the delay, looking into this.

Hi there. Taking over for soma as they have to step out. This is a long-running thread. Can you give me a quick summary of what you're blocked on right now, and I can look into it

hi there

i think we have found the issue

there are some issues from italian banks on mastercard circuit, because the 3ds fails because of a message of the bank