team-codeclouds-tokens | Stripe Developers | Page 1

flat sparrowBOT Jul 14, 2023, 1:01 PM

#

willow aspen Jul 14, 2023, 1:03 PM

#

Hi 👋 we can't do full integration reviews here, if you have a specific question then I will be happy to assist with that. Are you running into any errors with your approach?

Not passing raw card details to us does alleviate the PCI compliance burden that you would have had to deal with if you were handling that information directly.

One additional concern that comes to mind, is whether your flow supports 3DS/SCA, which is required for most or all transactions in Europe at this point. If you plan to operate in that region, I would recommend testing your flow with our 3DS test cards to see if any problems are encountered:
https://stripe.com/docs/testing#regulatory-cards

#

team-codeclouds-tokens

lime jetty Jul 14, 2023, 1:09 PM

#

We are not running into any issue but want to make sure that the approch is correct.

#

previously, the process was reviewed by stripe support team and they approved it

#

but recently all the new accounts created in past 1 month faced issue

#

then this PCI compliance requirement reported by stripe team and our client's payment got stuck

#

so what can be ideal way to get an approval on the procedure?

#

We already emailed this to support@stripe and our account manager from stripe

#

they redirect us to dicord channel

willow aspen Jul 14, 2023, 1:19 PM

#

To clarify, are you desiring to still use raw card details, and are seeking approval to do so. Or you're okay with pivoting away from that to not passing us raw card details and allowing Stripe.js to collect that information?

lime jetty Jul 14, 2023, 1:27 PM

#

Now we have planned like this way.

Create card token (tok_.....) through Stripe Card element (Stripe JS). The method we are following is stripe.createToken(cardElement, data).
Create cutomer through API.
Then pass this token (tok_.....) to create card API that associates specific card to specific customer through API.
Then process the paymentintent through API.

Please review our approach and let us know if this is permissible and will sustain for the long term. We assume after this change we don't need to go for PCI compliance from our side.

willow aspen Jul 14, 2023, 1:32 PM

#

Yeah, that sounds reasonable. As long as the 3DS test cards work without issue in the process then I don't think there any upcoming concerns that you would need to be wary of.

trim hornet Jul 14, 2023, 2:09 PM

#

we have used the following 3DS card number 4000000000003055 and the payment was successful.
I see. Did you have further questions?

#team-codeclouds-tokens