#avery246813579
maiden fulcrum
gaunt knoll
do you have an example of succeeded request before
strange ether
req_GIeDXpuUaMAdj1
Difference is
"payment_method_data": {
"type": "card",
"card": {
"number": "************4242",
"exp_month": "12",
"exp_year": "24"
}
},
vs
"payment_method_data": {
"type": "card",
"card": {
"token": "***",
}
},
Which I understand first option is a no no, that's why I am changing it lol
gaunt knoll
Yes that's true and you are in right track. But hold on how do you collect the token
How about just using PaymentSheet in our iOS SDK? I will automatically collect CVC for you
strange ether
Can't be done in our use case
And wouldn't it have that same issue?
We don't have access to the CVC at this time during the transaction
Legally lol
gaunt knoll
Can you explain a bit further? This Token creation request is supposed to be sent from the iOS app triggered by customer action. Do you mean the customer doesn't know their own CVC? https://dashboard.stripe.com/test/logs/req_45HMcXYxr4IC8I
strange ether
This is done at a point of sale when the customer is already gone and we can't store the CVC in long term storage because of PCI compliance issues
We use the createToken method inside the iOS SDK
Which is compliant with PCI as well as our integration is compliant with the workflows as well
I said compliant way too much there sorry
Wait I could actually have read the PCI compliance guide wrong
Yeah I am just dumb
Carry on
My monthly humbling in the Stripe Dev discord
gaunt knoll
Np, happy to hear you sorted it out