#schezwann

I need to charge off-session users but I'm stuck
I set the error_on_requires_action parameter to true otherwise my script generates payments that are never confirmed but I get an authentication_required error even though the card was authenticated with 3DS when creating the paymentMethod in a previous state

Hi! Let me help you with this.

Could you please share the PaymentIntent ID pi_xxx?

Also, it's normal to have a lot of PIs that are not confirmed.

pi_3NgNVrKCbVAaxKsX1qtd1Sq6

(It's in test environnent)

yes, for those that have been abandoned, but not for payments that require authentication when the user is not in front of the screen?

In any case, this one requires auth, and it shouldn't, so something is wrong. Checking...

Have you used a test card for this?

yes, I used the 3DS2 Required / 4000 0000 0000 3220 one

I have the same issue with Always authenticate / 4000 0027 6000 3184

I want to make sure I don't get the same error in production for banks that require 3DS

That's exactly the behavior this card simulates. No matter if it was set up or not, it will require authentication. So it's expected that it fails for off-session payments. SetupIntents do their best to not have the card request authentication on off-session payments, but, ultimately, it's always the issuing bank's decision.

This card is used to test failing payments for Subscriptions, usually.

So there's no way to handle all out-of-session payments? There will always be cases where the bank will ask for authentication even if I've already collected it when creating the paymentMethod?

In other words, should I expect to get these cases in production or is it your test card that produces this behavior?

Yes, it's not normal, but it happens, then you need to ask your customer to provide another card.

Yes.

There's a setting in your Dashboard that let's Stripe send an email automatically, to collect a new payment method for a Subscription, when all attempts to pay an Invoice fail.

https://dashboard.stripe.com/settings/billing/automatic

does this link sends the user to a Stripe page ?

Payment method are handled in a specific way in our system, I would need to send them to our site payment methods management page

Users can add a saved card, when doing so I create a paymentMethod and save the associated pm_[...] token

I then use the token to create an off-session paymentIntent when the user needs to be charged but is not the initiator

Sorry, I think Discord had some issues, we're back now.

no worries, did you receive the last 4 messages/lines?

Yes, it's a Stripe page.

You can as well do it yourself then.

yes, that's probably what I'll do

finally, is there a way to detect whether a card always requires 3DS when creating the payment method?

If so, I'd better block the creation at that point, as the card won't be able to be used in our system

Most EU and UK cards require 3DS so that would cut of a lot of customers. I wouldn't recommend that. And then, if you set it up properly, most of them will be chargeable off-session without a problem. You will still need to handle failures, if the card expires or runs out of balance. So blocking 3DS is an unnecessary limitation.

cards requiring 3DS for off-session payment do not currently work in our system

Normally this won't happen.

But you can't tell if the card will require 3DS for off-session, before you try.

so for know I'll need to intercept authentication_required errors when/if they happen

Yes, same as all other errors

which test cards should I use to simulate a bank with 3DS only on the paymentMethod creation, and one with 3DS both on creation of the paymentMethod and paymentIntents ?

You mean

1. Card that requires 3DS only during setup,
2. Card that always requires 3DS?

yes

https://stripe.com/docs/testing#regulatory-cards

1. Authenticate unless set up.
2. Always authenticate.

thank you for your precious help, that's all for now

Happy to help!