#jonathan_api

👋 Welcome to your new thread!

⏲️ We'll be here soon! Typically we respond in a few minutes, but sometimes we might take a bit longer if the server is busy or if you have a particularly tricky question.

⏱️ We close idle threads, which makes them read-only. Once a thread is closed it won't be reopened, but you can always start a new thread if you have another question.

🔗 This thread will always be available, even after it's closed. You can find it again using Discord's search, or you can save this link: https://discord.com/channels/841573134531821608/1347483882278096908

📝 Have more to share? Add more details, code, screenshots, videos, etc. below.

Below are links to other discussions we've had with you in the past week in case you want to review that information. If your question is related to one of these previous discussions, please provide a comprehensive summary of the current state and what you need help with now. We help many users simultaneously, so a summary allows us to resolve your issue as soon as possible.

• jonathan_api, 7 hours ago, 3 messages

Hello! Just to clarify, is your request to have 3DS enabled for all transactions?

i'm in japan so all transactions require 3ds
https://support.stripe.com/questions/3ds-mandate-in-japan

however I'll need to do transactions for subscription payments, so the customer won't be present in those situations, and therefore I need to prevent a challenge flow from occuring

are you using Stripe Subscriptions? Or you're creating PaymentIntents to perform your own recurring payments?

For context, if you're using Stripe Subscriptions, Stripe will handle everything automatically. If you're creating PaymentIntents to perform your own recurring payments, if the customer is off-session, you would indicate so when creating the PaymentIntent : https://docs.stripe.com/api/payment_intents/create#create_payment_intent-off_session

Unfortunately my company wants to execute subscription payments manually via batch script, so I can't use Stripe Subscriptions.

Ok, and would indicating the payment is off-session guarantee a 3ds challenge would not occur?

and regarding my original question, is there a relationship between setting usage to off session in Setup Intents, and payment_method_options.card.request.tthee_d_secure to challenge?
ie is one more effective than the other? is it better to include both to have in greatest chance of triggering a challenge flow at setup time (and hence be exempt from challenge flows at later payment intent confirmations)?

the root of my question is; there are 2 different documents (included in my original question) telling you how to do the same thing, but providing different ways to do it, so I would like to clarify if I should do both, or if I do either then I should be ok.

indicating the payment is off-session guarantee a 3ds challenge would not occur?

When you pass in off_session=true, Stripe also passes on this information to the issuer that the customer is not present to confirm that payment.

I would say that only in very very rare cases, assuming that the original PaymentMethod was correctly setup for future usage, that the issuer will still want authentication. If the issuer does want authentication and the customer is off-session, Stripe will return the error authentication_required : https://docs.stripe.com/declines/codes

is there a relationship between setting usage to off session in Setup Intents, and payment_method_options.card.request.tthee_d_secure to challenge?

There's no relationship between these two parameters.

ok, I see, so the card provider (ultimate arbiter of whether challenge flow occurs), takes into consideration whether the transaction is on or off session.

Thank you for clarifying about the usage and three_d_secure_challenge parameters - since there is no relationship between them, then I will assume setting either usage as off_session, or three_d_secure_challenge to challenge as equally and adequately effective at inducing a challenge flow when confirming setup intents.

I would say that for SetupIntents, the default usage is off_session so you don't need to explicitly pass that in.

Stripe will automatically request for 3DS where applicable i.e. for example if you're in a region where 3DS is required if you are using SetupIntents