#zse

Hi, I see you have already contacted Support and they are investigating. If you want a quick check please provide a PaymentIntent Id and I am happy to look

Generally that rule can only be set via Dashboard, so mostly the issuer bank decided the customer card doesn't need 3DS. The final decision is always on the issuer bank

Is it safe to send the pi_ identifiers publicly here?

Yes

I assume because this is an European card that 3D secure would be attempted to be requested as I have the “supported” 3D secure rule enabled.

I’ve only had 1 3D secure request for 100 payments with that rule

I’ve also seen weird results in the dashboard related to 3D secure rule testing that differs every day it seems.

Currently any rule effectiveness query for 3D secure seems to show google pay payments now which is strange because they are not eligible anyways.

Now it shows nothing for the rule test after a few hours it seems

Zooming in the specific PI you provided, yes I see it's a normal and accepted transaction, means the card network (and the issuer bank behind it) has accepted it. More specifically, before the transaction was ever made there was also an $0 authentication accepted https://dashboard.stripe.com/logs/req_WOSMliU8fpBkcC

So when the issuer bank accepted there is nothing to worry. It's only if the issuer bank doesn't accepted, and your integration can't grab the 3DS request from them then your customer won't be able to finish the transaction

Does this mean liability was shifted?

no, liability shift only happens with 3DS. Sorry that's a fair point

Is there any way of forcing 3DS if supported by the card?

I thought the request for 3DS would do that but I guess it doesn't?

https://stripe.com/docs/api/payment_intents/create#create_payment_intent-payment_method_options-card-request_three_d_secure

"request_three_d_secure": "automatic"

is any and automatic the same thing?

When you set request_three_d_secure to any, Stripe requires your customer to perform authentication to complete the payment successfully if 3DS authentication is available for a card. If it’s not available for the given card, the payment proceeds normally.

This should be identical to the rule I have enabled in the dashboard but perhaps a block rule is also required?

I am not sure...

Any is wider and documented here: https://stripe.com/docs/payments/3d-secure#manual-three-ds

It will request 3DS if 3DS is available

This shouldn't work any different then the radar rule(s)?

Um that part I would suggest clarifying with Support team. I do think request_three_d_secure = any is wider than the "if supported" radar rule, tho

Thanks.

Perhaps :card_3d_secure_support: != 'not_supported' is the better radar rule.

Thanks for helping track down the problem more anyways. You have still helped significantly more then regular support in a much shorter amount of time :)