mochi-customer-update | Stripe Developers | Page 1

rugged sparrowBOT Jan 24, 2023, 5:05 PM

#

unreal laurel Jan 24, 2023, 5:05 PM

#

mochi-customer-update

#

@tardy crescent I would highly recommend using our Customer Portal: https://stripe.com/docs/no-code/customer-portal

#

But if you don't want, you need to use one of our official Elements yes. Collecting card details is sensitive and protected by PCI compliance rules

tardy crescent Jan 24, 2023, 5:07 PM

#

but I'm sending that information to our own server not stripes right? to do the update

unreal laurel Jan 24, 2023, 5:09 PM

#

what is "that information". Information of what?

tardy crescent Jan 24, 2023, 5:11 PM

#

their card details

unreal laurel Jan 24, 2023, 5:14 PM

#

https://stripe.com/docs/security/guide#validating-pci-compliance

#

you really shouldn;t collect card details and send this to your server no

tardy crescent Jan 24, 2023, 5:20 PM

#

do people not implement this functionality on their own?

unreal laurel Jan 24, 2023, 5:21 PM

#

Have you read the link above? It tells you how complex it is. Like are you doing all of PCI compliance yourself? And spending thousands of dollars on a security assessors and all of that?
I can tell you that almost no one but the largest businesses do this on their own. Even large ones use our official Elements and you should too

tardy crescent Jan 24, 2023, 5:34 PM

#

when you say they use your official elements they use the customer portal or use stipe elements to do it themselves?

#

sorry for the stupid questions but I'm being told to build this and I'm just looking into the viability of building with stripe elements vs another solution like customer portal

unreal laurel Jan 24, 2023, 5:50 PM

#

the easiest is the Portal that way you don't write any client-side code. Otherwise you can totally use Elements to do this on your own website. Both options work

tardy crescent Jan 24, 2023, 6:09 PM

#

but are you saying if I use the elements route I can't send that data back to my own server?

unreal laurel Jan 24, 2023, 6:10 PM

#

what does "that data" mean? I'm sorry, you're being super vague

#

You can't just get a raw card number 4242424242424242 and store this in your own database without having to meet extremely stringent and costly requirements for storing this securely. ~no one should ever do this and you seem confused enough that you really shouldn't do that

#

What you can do is collect card details securely with our UI components, we store the information for you and then you can use this information in the future

#

Basically you collect card details, in turn you get a Customer cus_123 and a PaymentMethod pm_ABC and you can use this for future payments, Subscriptions, etc.

tardy crescent Jan 24, 2023, 6:12 PM

#

no I dont want to store card information on our servers

#

but I need the card information to call the stripe api from our own servers and update it there no?

#

so I'm saying collect the card info with the stripe elements send the card # cvc back to our own server and then not store the data but make the update request to stripe there

#

sorry about the miscommunication. I never wanted to store the card info on our own server

#

just need to get the card info there to make the update request to stripe

unreal laurel Jan 24, 2023, 6:14 PM

#

yeah sorry you are totally misunderstanding this

#

1/ Use Elements to collect card details
2/ Use Elements to send card details to Stripe
3/ Done

#

you never access any CVC or card number or send this to your server at all

#

I'm happy to explain this further. Right now I just don't understand what part you aren't understanding as you appear a bit lost

tardy crescent Jan 24, 2023, 6:15 PM

#

is that not how to do it?

tardy crescent Jan 24, 2023, 6:15 PM

#

unreal laurel What you can do is collect card details securely with our UI components, we stor...

ok interesting

#

that makes sense

#

could you elaborate on step 2

unreal laurel Jan 24, 2023, 6:16 PM

#

Let's take a huge step back here because I am totally lost with your goal

#

What is the situation. Why are you collecting payment method details.

tardy crescent Jan 24, 2023, 6:16 PM

#

customers have subscriptions with us

#

I want them to be able to update their card info that they use to pay for those subs

#

does that make sense?

unreal laurel Jan 24, 2023, 6:18 PM

#

Okay so the update itself is unrelated to a failed payment or something. Just someone should be able to view their current card on file and then change it if they want to?

tardy crescent Jan 24, 2023, 6:18 PM

#

yea

unreal laurel Jan 24, 2023, 6:19 PM

#

Perfect so what you want to do is follow this doc https://stripe.com/docs/payments/save-and-reuse

#

it explains how to collect payment method details via the SetupIntents API

tardy crescent Jan 24, 2023, 6:20 PM

#

but do I need to create a payment intent to collect new card details or can I do it without that?

unreal laurel Jan 24, 2023, 6:21 PM

#

you don't need a PaymentIntent since you are not taking a payment. You need a SetupIntent. This is what the doc I linked above walks you through end to end

tardy crescent Jan 24, 2023, 6:21 PM

#

ok thank you ill take a look

#

really appreciate the help

unreal laurel Jan 24, 2023, 6:22 PM

#

Sure thing

tardy crescent Jan 24, 2023, 6:23 PM

#

sorry about the miscommunication and stupid questions 😁

unreal laurel Jan 24, 2023, 6:24 PM

#

nothing stupid here. It's not easy to map what your boss needs you to do with one of our numerous flows 🙂

tardy crescent Jan 24, 2023, 6:32 PM

#

so Im looking at one of the parameters usage and it can either be on_session or off_session. for this specific case would it be off_session since the customer is gonna be charged automatically through subscription?

#mochi-customer-update