#eric.ho

Hi,
do you want to use server-side payment confirmation?

are you using the Card/Charge API ?

currently and you want to migrate to PaymentMethod APIs?

yes, we want to use server-side payment confirmation. Our originally flow works like:

1. Create a PaymentIntent
2. Pass client_secret to client
3. Collect card details with Element

But now we want to adjust the amount in the paymentIntent according to the card's country, so that the user pays for Stripe's service fees, instead of us paying for them. That's why the above flow doesn't quite work for us

Ideally, our new flow is something like:

1. User input card details
2. Server creates PaymentIntent with adjusted amount
3. User authorise us to charge their card
4. <We do something that possibly is time-consuming>
5. When 4. is done, we confirm the txn

You can just update the PaymentIntent amount, once you detected the card brand from the frontend
https://stripe.com/docs/api/payment_intents/update#update_payment_intent-amount

Here is an example of detecting the card brand at user input:
https://jsfiddle.net/nwyf587t/

Or you adapt your integration for server-side payment confirmation:
https://stripe.com/docs/payments/payment-intents/migration-synchronous

Is it secure to just update the payment intent amount? I have thought of it but isn't the client_secret the only thing required for the client to confirm the transaction?

On the other hand, is there something that stops us from just increasing the amount to something unreasonable without the user noticing it?

If you are using PaymentIntent, nope, but the user may dispute the payment later.

Yes you need just the client_Secret, but you can call your backend from your frontend and update the PaymentIntent

We can update it even after it is confirmed by the user?