rnluu | Stripe Developers | Page 1

glossy swanBOT Oct 25, 2022, 5:48 PM

#

wind kestrel Oct 25, 2022, 5:48 PM

#

Hi there

#

When you attach a card to a Customer or confirm a SetupIntent then we run an authorization with the issuing bank.

#

The main reason that SetupIntents are recommended is that they allow you to handle 3DS on set up, whereas attaching to a Customer does not.

analog lake Oct 25, 2022, 5:57 PM

#

So are you saying that :

card, err := r.stripe.Cards.New(&stripe.CardParams{
            Customer: stripe.String(customer.StripeID),
            Token:    opts.creditCardToken,
        })

AND

setupIntent, err := r.stripe.SetupIntent.New

Both perform authorizations?

#

So what exactly does an authorization entail?

#

We use the former method currently and still run into cases with fraudulent cards.

wind kestrel Oct 25, 2022, 5:58 PM

#

We mostly detail what it entails here: https://support.stripe.com/questions/check-if-a-card-is-valid-without-a-charge. We ask the bank whether the card is valid or not. Doesn't mean that the bank won't decline later on for some other reason. And, to combat card-testing, we don't always ask the bank. So possible that an authorization won't happen.

analog lake Oct 25, 2022, 5:59 PM

#

Hmmm, how do we guarantee authorization to happen?

#

And when is it the case that authorization won't happen?

#

But to go back to the original follow up question, would the stripe.Cards.New and stripe.SetupIntent.New basically do the same thing under the hood: auth the card?

wind kestrel Oct 25, 2022, 6:00 PM

#

Mostly yes. The only difference is that the SetupIntent will help you handle 3DS if it is required due to the authorization.

#rnluu