#Lunar

👋 happy to help

could we please continue the conversation here

Sure thing, sorry!

Can I ask, in regards to MOTO: The javascript library captures the client card details and returns a token to my backend (PHP), then my backend uses that token to charge the card and declare the transaction as MOTO during payment intent.

How does the Javascript library know not to prompt for 3D secure, seeing as it's only after that point when MOTO is declared ?
Or rather.. If I test with either of these cards and MOTO.
I get the error that card requires auth.

would you mind removing the messages from the main channel?

Done, thanks.

no worries

how are you gathering the card details?

A basic form with the https://checkout.stripe.com/checkout.js library

you're creating a checkout session for yourself as a MOTO agent?

That form returns a token to my php backend, then I create a \Stripe\PaymentIntent::create($data); with that token, customer and append payment_method_options[card][moto] = true.

Yeah, we're creating a stripe MOTO terminal in our CRM. MOTO is enabled on the account but theres almost no documentation that I can find.

wait what?

oh this is the legacy checkout

Yeah, inherited code.

sorry I'm not really familiar with the legacy Checkout integration

I can migrate.

I need a couple of seconds to try to wrap my head around it

yeah you should probably, but it will change the whole integration

Before you invest time in the issue then, can I ask if the cards I mentioned before:

SHOULD work as MOTO, or if they'll always fail MOTO by design?

these won't even work in a normal scenario using the legacy integration if I'm not mistaken

based on this https://support.stripe.com/questions/mail-order-telephone-order-(moto)-transactions-when-to-categorize-transactions-as-moto it seems that MOTO is outside the scope of SCA meaning they won't demand 3DS if they were collected with a PaymentIntent that has the payment_method_options[card][moto] = true

so you need to change your integration to first create the PI and then send the client_secret to a front-end app where you can collect the payment details using PaymentElement

Do you have any code examples I can take a look at?

You're saying create the PI first, then capture card details via JS, correct?

yes correct

https://stripe.com/docs/payments/accept-a-payment?ui=elements

code examples, I believe ?

exactly

the only difference would be in the creation request for the PI where you would define your payment_method_options[card][moto]=true

Okay, great. I'll give that a go thanks.

If I have more questions should I start a new thread or use this one?

we usually keep the thread opened for about 1h

you could use it until it gets closed

Thanks very much for your help, hopefully I'll be alright from here, much appreciated!

let me know if you need any more help

Sorry to bother you with this one:

PIs that aren't completed after creation - will they auto clear or is it usual to get a bunch of orphaned PIs / need to write a cleanup bot myself?

the latter

Righto, thanks

sure thing

Heylo, I have a checkout working with PI and Payment Element, however I'm struggling to get it set up as MOTO.

When creating the PI, I can pass moto = true, and it tells me I need to also do "confirm" = true.

But If I do that then I get "You cannot confirm this PaymentIntent because it's missing a payment method. You can either update the PaymentIntent with a payment method and then confirm it again, or confirm it again directly with a payment method."

Surely it's chicken and egg, as I can't do confirm true until I have card details, I can't capture card details without saying "moto" because I'll get 3DSecure challenge without moto ?

Hello, I think for Moto Payments you are supposed to pass the raw card details to your backend and confirm them there. I don't think the payment element supports collecting card details for MOTO payments.

Okay, that's different to tarzan's outline, but thats okay.

Can I use your payment form to pass those card details to my backend?

If so, how?

I don't believe so but tarzan saying otherwise makes me think one of us was mistaken. I am checking in on this with my colleagues and will get back to you with what we can find

Okay great, I can't imagine I'd be PCI compliant if I capture the details myself.

@obsidian kelp I might have been off on this, sorry for the inconvenience

I was mistaken between Payment Elements and Card Elements, with MOTO and the way they work

From my memory you would still have the same PCI compliance burden because the person taking the CC info over the phone could still be recording that info. https://stripe.com/docs/payments/accept-card-payments

Yeah thank you, we are aligned on that now. So @potent abyss you can't use the Payment Element to collect card details here, but you can collect card details by using the Card Element. That would allow you to create a Payment Method object from the client side and your backend can create and confirm your MOTO PaymentIntent using that PaymentMethod's pm_123... ID

I don't see any reference to MOTO in that page, does 'metadata' => ['integration_check' => 'accept_a_payment'], prevent a 3DS check?

I'd guess I'm going to get the same error if I implement that flow in stead of the version I've just written with a payment element?

Ah, that page actually does not show off the function that was needed for the flow that I mentioned. Checking for the right doc now...

https://stripe.com/docs/js/payment_methods/create_payment_method

You would use that Stripe.js function along with your card element to tokenize the CC info as a payment method. Then you would create the payment intent serverside with the parameters from the MOTO doc but also passing in the ID of your newly created payment method

At point of card detail input, how do I prevent a 3DS check though - because in that scenario the card details are entered before stripe knows it's MOTO ?

stripe
.createPaymentMethod({
type: 'card',
card: cardElement,

Is there a way I can set moto = true on that cardElement object?

That call won't trigger a 3DS auth request. You would only be able to trigger 3DS auth with the card element if you are confirming a Payment Intent

I'm not following, the https://stripe.com/docs/js seem remedial to me, can you point me at a https://stripe.com/docs/ article that outlines a moto transaction ?

Unfortunately we don't have a doc that shows how to do this specifically for MOTO. After some looking I found an SO answer that lays out how to do this a bit https://stackoverflow.com/a/65293086/16458642

Basically you would follow our accept a payment synchronously doc until payment method creation https://stripe.com/docs/payments/accept-a-payment-synchronously#create-a-paymentmethod

I've read that one already, it doesnt show where they're getting their card details from. * securely

And then use the payment method from there to create the payment method

                                        // We don't want to let default form submission happen here,
                                        // which would refresh the page.
                                        event.preventDefault();

                                        stripe.createPaymentMethod({
                                            type: 'card',
                                            card: cardElement,
                                            billing_details: {
                                                // Include any additional collected billing details.
                                                name: 'Jenny Rosen',
                                            },
                                        }).then(stripePaymentMethodHandler);
                                    });

So at this step, in stead of running stripe.createPaymentMethod I'd hack it to post the raw card data to my server, then post the card data to stripe via php like in stack overflow ?

I'd hack it to post the raw card data to my server
No, please don't do that. Take a look at this demo which uses Stripe.js to tokenise a Card Element instance and then creates the MOTO payment with that token: https://stripe-tinydemos-moto-payments.glitch.me/

@potent abyss let us know if you have any follow up questions

Do you guys maintain the: https://stripe-tinydemos-moto-payments.glitch.me/ ?

Yes

(there's more here: https://stripe-tinydemos.glitch.me/)

Do you have a vanilla JS version ?

Not sure I understand. That is just JavaScript and HTML (via Handlebars)

Remix the Glitch and you can see the full code

Ignore me, it's the code snippet on front page looked like part of a node module - I see via the remix bit theres more javascript wrapping it up and it makes sense now.

I'll archive this thread soon as I need to step away but feel free to reach out to us in #dev-help in case you have any questions 🙂