#zzking

Hi there!

1. It's completely up to the bank to decide if they request 3DS or not. Stripe will request some exemptions, but there's no guarantee. So your code should handle the case where 3DS is requested, and in this case ask your customer to come back to your website/app to go though the 3DS flow.
2. Yes, when you create a PaymentIntent you set off_session: true https://stripe.com/docs/api/payment_intents/create#create_payment_intent-off_session

Thanks for the reply ! Just to confirm: is that true that by setting "off_session: true" , then the transaction would be regarded as "merchant initiated" ?

Yes, since "off_session: true" means: you (the merchant) is creating the PaymentIntent when the customer is not on your website/app.

oh great. one funny question: I was exploring "moto" yesterday. It seems that when we set "moto" to true, then it indeed skips the SCA flow even when I tested with a SCA required card from stripe. (e.g: 4000000000003220 from https://stripe.com/docs/testing#three-ds-cards). Is this expected ?

Yes using MOTO should skip 3DS. But you are only allowed to use MOTO in vert specific circonstances (like if the customer gave your their credit card number by mail or phone).

yes, they would be usually the case. Then I am wondering :

1. Is MOTO compliant in the UK/EU regulations when SCA is required (in case you know)
2. What's the difference then between using MOTO and "off_session: true"

1. I guess, otherwise we wouldn't offer that option. But to learn more about this you should ask Stripe support: https://support.stripe.com/contact
2. It's two completely different things

• If you collected the payment details over phone/mail, use MOTO. This should not trigger 3DS.
• If you didn't collect the payment details over phone/mail, use "off_session: false" if the customer is currently online and has initiated the payment, or "off_session: true" if the customer if offline and you initiated the payment. This may or may not trigger 3DS.

If you collected the payment details over phone/mail, use MOTO. This should not trigger 3DS
yes, when collecting payment details (e.g: only recording the card details) it doesn't trigger 3DS, but it seems when we really charge the payment with an SCA required card when MOTO is true, it also skips the SCA in that case.

Yes exactly, with MOTO it should skip 3DS.

hmmm, then from a dev point of view using MOTO vs "off_session: true" doesn't really make a difference other than two different attributes, right ? coz in both cases we need to (1). Try to charge the customers , and if no SCA required, payment would succeed. (2). In case SCA is still required, we need to inform the customers to come back and do the SCA themselves

Maybe Stripe handles the MOTO and "off_session: true" in different ways internally, but to the external devs they are just two different params that we need to set . Am I right ?

I'm sorry but I don't understand your question.
When you are collecting the card numbers from mail/phone, you should use MOTO in the API and this means that there should not be any 3DS requested. In all other case, you are not allowed to use MOTO, so you should use "off_session: true" for merchant initiated transactions (which may or may not require 3DS).

The thing you described sounds business logic / regulations to me. What I mean is : as a developer, the coding flows that I need to handle for both cases are quite similar . i.e: try to charge payments , and if SCA is required, handle it.

The Only difference between MOTO and "off_session:true" when I write my code, is that I need to set different params in the payment_intent

Correct.

great, thanks a lot for your help !