lerp | Stripe Developers | Page 1

slate merlinBOT Oct 13, 2023, 2:16 PM

#

blazing thunder Oct 13, 2023, 2:17 PM

#

Hello there

final swallow Oct 13, 2023, 2:17 PM

#

Hello!

blazing thunder Oct 13, 2023, 2:17 PM

#

Yep that is the general purpose of using a SetupIntent

slate merlinBOT Oct 13, 2023, 2:17 PM

#

blazing thunder Oct 13, 2023, 2:17 PM

#

Essentially we pass a 3DS exemption to the issuer since it has already been completed in the past

#

Most often the issuer honors this and there is no 3DS required

#

However, it is always up to the issuer here... they can always still force 3DS again if they want to so you should always be prepared to bring your customer back on-session if you need to

final swallow Oct 13, 2023, 2:18 PM

#

Got it, thanks. Do you have any sense of how often issuers don't honor that exemption? Is it rare?

blazing thunder Oct 13, 2023, 2:19 PM

#

It is pretty rare, yes.

#

But can't give you any specific numbers

final swallow Oct 13, 2023, 2:20 PM

#

Alright, thanks anyway. Very helpful. I have a couple more detailed follow-up questions about our implementation and some behavior we're seeing, should I ask them here or post them in the general chat?

blazing thunder Oct 13, 2023, 2:21 PM

#

Yep you can ask them in this same thread

final swallow Oct 13, 2023, 2:22 PM

#

Ok, thanks! First question, you pass that exemption to the issuer for all future payments, correct? Not just the next payment after 3DS?

blazing thunder Oct 13, 2023, 2:25 PM

#

Correct

final swallow Oct 13, 2023, 2:25 PM

#

Awesome

#

Second question: my team is testing out our setup intent/3ds integration, and we're seeing some strange behavior post-3DS. We're successfully triggering 3DS using credit card number 4000002500003155 and then saving the payment method without any issue. However, later when the PaymentIntent is confirmed off-session, the payment is failing and we're seeing that the payment has a status of "3D Secure attempt incomplete - The cardholder began 3D Secure authentication but has not completed it." in the Stripe Dashboard

#

Any idea what's going on here?

blazing thunder Oct 13, 2023, 2:28 PM

#

Can you give me an example SetupIntent ID where you see that?

final swallow Oct 13, 2023, 2:29 PM

#

Yes, seti_1O0lr9KvO0GKmvAM5NI54Ktx. I just created that one, but I haven't tried creating/confirming the PaymentINtent yet

blazing thunder Oct 13, 2023, 2:29 PM

#

Oh sorry I need the PaymentIntent

#

I misread what you said above

final swallow Oct 13, 2023, 2:30 PM

#

Oh no worries

#

Check out pi_3O0VxlKvO0GKmvAM04YYMOKe

blazing thunder Oct 13, 2023, 2:36 PM

#

Can you run a quick test and create a new PaymentIntent for that Customer but also confirm it on creation instead of in a separate confirm request?

#

So basically just set confirm: true on creation

final swallow Oct 13, 2023, 2:39 PM

#

Yes, just going to take us a few minutes

blazing thunder Oct 13, 2023, 2:39 PM

#

I'm not seeing a reason why 3DS was requested here. I'll test too

final swallow Oct 13, 2023, 2:44 PM

#

Should we be using a different test credit card number? The documentation says that 3155 is used to simulate the following scenario:
"This card requires authentication for off-session payments unless you set it up for future payments. After you set it up, off-session payments no longer require authentication."

blazing thunder Oct 13, 2023, 2:45 PM

#

That is the right card

#

I think what is happening here is that the default for off_session is different between a PaymentIntent creation request and a PaymentIntent confirmation request

#

Which I didn't realize

#

So if you are going to confirm in a separate request (which I wouldn't really recommend to begin with as it is just more API calls) then you would need to specify off_session: true

final swallow Oct 13, 2023, 2:47 PM

#

Where would we need to specify that?

blazing thunder Oct 13, 2023, 2:47 PM

#

What I would recommend is to just remove your separate confirmation request

#

This request specifically: https://dashboard.stripe.com/test/logs/req_r1ScHQrdPBLaXa

#

Instead of doing that, just pass confirm: true in https://dashboard.stripe.com/test/logs/req_bOVwvz9rXfgKof

waxen thorn Oct 13, 2023, 2:53 PM

#

Hey bismarck, I work with seabass and he asked me to chime in here. We can't combine PaymentIntent creation and confirmation into one step; in my testing I've discovered that payment amounts cannot be changed after the PaymentIntent is confirmed. This is important to our platform, because payment amounts may differ after a customer places order, e.g., shipping quotes may change, products may be customized, etc.

blazing thunder Oct 13, 2023, 2:53 PM

#

Yeah that doesn't really make sense

#

If you are creating an off session PaymentIntent then you just wait until you are ready to charge to create/confirm the PaymentIntent

#

No reason to create one earlier in your flow

#

If you want to do it your way then you can, all you need to do is add off_session: true on confirmation: https://stripe.com/docs/api/payment_intents/confirm#confirm_payment_intent-off_session

#

But this is just an extra API request really which adds a small bit of latency and can potentially contribute to rate limits (if you are working at big scale) so that's why I don't recommend it.

waxen thorn Oct 13, 2023, 2:59 PM

#

Thanks for the recommendation on rate limits. I'll discuss further with our team on how we want to handle this extra network request; at this point I've successfully confirmed a PaymentIntent using the off-session parameter so we'll pursue this approach for now.

blazing thunder Oct 13, 2023, 2:59 PM

#

👍

final swallow Oct 13, 2023, 3:00 PM

#

Thanks bismarck, very helpful

#lerp