#extroniks_code

👋 Welcome to your new thread!

⏲️ We'll be here soon! Typically we respond in a few minutes, but sometimes we might take a bit longer if the server is busy or if you have a particularly tricky question.

⏱️ We close idle threads, which makes them read-only. Once a thread is closed it won't be reopened, but you can always start a new thread if you have another question.

🔗 This thread will always be available, even after it's closed. You can find it again using Discord's search, or you can save this link: https://discord.com/channels/841573134531821608/1283774741995458601

📝 Have more to share? Add more details, code, screenshots, videos, etc. below.

Hello

As long as you use Stripe Elements then no, you won't have any PCI compliance concerns.

We handle all of that for you in that case.

And this is the recommended route to go

hi, so would this be ok flow:

1. We create a setup intent with usage off_session and mandate_data, confirm set to true
2. We present elements form with set secret from setup intent
3. Once customer clicks save card bank will almost always issue a challenge due to this
4. We handle the 3ds challenge and after success the card gets added to the stripe customer
5. We use that card for future recurring charges

or would we need to incure a micro charge?

That is mostly correct

Except you should not set confirm true when you create your SetupIntent

You only do that if you have already collected a PaymentMethod

Instead, you should use confirmSetup() client-side to handle the confirmation and 3DS will be handled at that point as well.

thanks, just one more question so we cover the legal stuff

is explicit mandate acceptance required (customer clicking "I accept") or would a disclaimer above the elements form be enough?

I can't answer any legal questions, sorry.

ok, il inquire via different means for that 🙂

thanks for help, you are the best!