#bops-sca

@strong gazelle yes you should never really create a SetupIntent and then immediately create a PaymentIntent if that's what you're doing. You only use SetupIntents if you're saving the card and then charging it hours/days later, otherwise you should just be using a PaymentIntent with setup_future_usage instead (https://stripe.com/docs/payments/save-during-payment) Doing a SI->PI has potential problems like double 3D Secure or charging the customer twice(once with a $0 validation charge and again with the real payment) so it's not ideal

2. well it's turned on by the bank, not you or Stripe for the most part. If you try to process a payment and the bank decides it's in SCA scope and you haven't run 3D Secure on it, then they decline the payment. If you use PaymentIntents you now have a state machine that catches that decline(that's what the requires_action state represents) and can recover by presenting 3D Secure and completing the payment.

@fair gate thank you. this is quite helpful.

@fair gate another question, if i may.
we have admin functionality for our customer support team to manually add a credit card to a customer's account for the customer's later use. when SCA comes into play, this may no longer be possible without access to the customer's authentication medium. are there any recommendations for supporting this use case?

sounds like MOTO usage

https://support.stripe.com/questions/mail-order-telephone-order-moto-transactions-when-to-categorize-transactions-as-moto