henryd-android-3ds | Stripe Developers | Page 1

velvet krakenBOT Jan 23, 2023, 6:26 PM

#

near heath Jan 23, 2023, 6:27 PM

#

Hello there

#

So overall you shouldn't really need to mess with the Radar rules (just leave the default on "request 3DS if required") nor use request_three_d_secure: any. The vast majority of the time we will prompt 3DS if the issuer tells us they require it. So you should just let us handle that and not adjust anything for forcing 3DS, but you do need to be able to handle 3DS so let's talk about that.

#

Yes you can handle this with a server-side confirmation if you so desire, though the recommended route here is just to use our Android SDK as then we just handle it for you on client-side confirmation.

#

I'm not intimately familiar with Android development so let me grab a colleague that can talk you through where to put your PaymentAuthConfig.Stripe3ds2UiCustomization code

ember pine Jan 23, 2023, 9:40 PM

#

What do you mean by client-side confirmation?

hazy coral Jan 23, 2023, 9:45 PM

#

Hi there 👋 client-side confirmation refers to the process where a Payment Intent is confirmed (the process of finalizing the Payment Intent and running authorizations for it) is triggered from client-side code.

ember pine Jan 23, 2023, 10:06 PM

#

Ok, so in the case that a mobile API is in charge of creating payment intents and if Stripe determines that for a certain transaction, the payment method has to pass through 3DS. How is the mobile SDK aware of that? Is this done automatically just by adding this code from the docs? https://stripe.com/docs/payments/3d-secure?platform=android#when-to-use-3d-secure

hazy coral Jan 23, 2023, 10:19 PM

#

I'm trying to check and see if this is consistent for mobile integrations as well, but the next_action field on the Payment Intent can indicate whether additional action needs to be taken:
https://stripe.com/docs/api/payment_intents/object#payment_intent_object-next_action

ember pine Jan 23, 2023, 10:42 PM

#

So in order to make 3DS work on the mobile app, does the payment intent need to be confirmed on the app side?

hazy coral Jan 23, 2023, 10:45 PM

#

Apologies, I think I assumed you were trying to handle the 3DS display yourself and was diving down an unrelated rabbit hole.

I believe if you confirm the payment client-side in the mobile application, then as part of the confirmation step it's determined whether authentication is required (or if that decision was overwritten previously by an explicit request to use 3DS) then the SDK will handle displaying the challenge flow.

Out of curiosity, have you run any of our 3DS test cards through the test mode version of your current flow to see if it already supports 3DS?
https://stripe.com/docs/testing#authentication-and-setup

alpine crag Jan 23, 2023, 11:10 PM

#

@ember pine let us know if you still need help with this!

ember pine Jan 23, 2023, 11:24 PM

#

I'm still not that clear with this, so I'll summarize what are doing and trying to change in our use case:

Right now, the app hits our mobile backend API and this one creates/confirms the payment intent. There's a real-time socket that tells the app when the transaction is completed
We want to add the 3DS 2 authentication to this flow, what I'm wondering about is if the 3DS can be triggered on the app even if the backend creates/confirms the payment intent

open zenith Jan 23, 2023, 11:34 PM

#

henryd-android-3ds

#

@ember pine the PaymentIntent should move to status: 'requires_action' and then you can confirm client-side to trigger 3DS

ember pine Jan 23, 2023, 11:45 PM

#

@open zenith That's the point, in our use case all the PaymentIntent stuff is handled by our backend API, so in order to include the 3DS auth, we have to bring the PaymentIntent confirmation to the app side, is that correct?

#henryd-android-3ds