eranga | Stripe Developers | Page 1

glass gyro Oct 18, 2021, 3:47 AM

#

hello @main saddle you can use https://stripe.com/docs/api/invoices/list

main saddle Oct 18, 2021, 3:51 AM

#

I checked that one, I am wondering what status I should look into

glass gyro Oct 18, 2021, 3:53 AM

#

status=open

main saddle Oct 18, 2021, 3:53 AM

#

Great, thank you so much

#

I have another question that goes with this

#

I tested the flow and I was able to charge a customer as soon as the customer attches a payment method

#

However, my company has half of its clients in Europe and the credit cards on Europe requires 3D authentication

#

My question is, since I am trying to do everything on the backend, would this 3D authentication cause issues? Will I not be able to charge the customer just by using the backend if 3D authentication is enabled?

glass gyro Oct 18, 2021, 4:02 AM

#

yes, there would be some friction if 3DS is required. What you can do is to turn on these settings for customer emails so that Stripe send an email to your customer requesting that they authenticate

main saddle Oct 18, 2021, 4:03 AM

#

Thank you so much. Give me a second to read this and I'll get back to you 🙏

#

This is great. Does this means when I try to charge the customer from my end, the customer will get an email asking them to confirm the payment that I was going to do?

glass gyro Oct 18, 2021, 4:11 AM

#

yep that's right

main saddle Oct 18, 2021, 4:12 AM

#

Superb. Thank you @glass gyro 🎉

#

Sorry one more question

#

My product is based on a subscription

#

Does this mean every time I charge, the customer will get an email to verify the charge? Or is it only for the first time?

#

(in case 3D secure is mandatory)

glass gyro Oct 18, 2021, 4:17 AM

#

if 3DS is mandatory for every charge, then the user will get an email to verify the charge every time. But otherwise, if the charge is identified as off-session, it typically wouldn't request 3DS

main saddle Oct 18, 2021, 4:20 AM

#

That would be okay I guess. Could you please point to me the documentation where I can read how Stripe handles 3D authentication and where I can see

if the charge is identified as off-session, it typically wouldn't request 3DS
(if Stripe has the documentation for this)

glass gyro Oct 18, 2021, 4:21 AM

#

onesec, let me see if it's mentioned explicitly anywhere

#

it's somewhat implied here : https://stripe.com/docs/strong-customer-authentication/sca-enforcement#unsuccessful-payments

You may see off-session payments failing even though you think they’re exempt from SCA requirements. For off-session payments, make sure that you’re authenticating the card when saving card details, either without a payment or during a payment. When saving cards without a payment, use the Setup Intents API and set usage to off_session. When saving cards during a payment, set setup_future_usage to off_session. Finally, be aware that exemptions aren’t guaranteed and off-session payments may still require authentication by the bank.

main saddle Oct 18, 2021, 4:27 AM

#

What does this mean?

make sure that you’re authenticating the card when saving card details

glass gyro Oct 18, 2021, 4:28 AM

#

that when you're saving the card to the customer, you perform 3DS

#

that should be automatically handled by the default settings

main saddle Oct 18, 2021, 4:29 AM

#

I am asking the customers to enter the card details in the customer portal.

that should be automatically handled by default
So this should be handles automatically at that point, right?

glass gyro Oct 18, 2021, 4:29 AM

#

yep

main saddle Oct 18, 2021, 4:30 AM

#

However, I am saving the cards only. There is no payment attempted by Stripe when the customer enters the card (I'm listening to the webhook event but doing the payment attempt on my end)

glass gyro Oct 18, 2021, 4:30 AM

#

that's fine, even for saving a card, Stripe can request 3DS

main saddle Oct 18, 2021, 4:31 AM

#

Super cool 🎉 That means, I don't need to think about setting setup_future_usage to off_session at all

#

However, on the first attempt to charge a 3D secured credit card, the verification email will be sent to the customer

#

From the second attempt onwards, it might or might not ask for the verification

glass gyro Oct 18, 2021, 4:33 AM

#

hmmm, you can try creating the subscription with off_session=true https://stripe.com/docs/api/subscriptions/create#create_subscription-off_session

main saddle Oct 18, 2021, 4:34 AM

#

Oh, give me a second to check how I create subscriptions now

glass gyro Oct 18, 2021, 4:35 AM

#

try it with test card ending with 3155 : https://stripe.com/docs/testing#regulatory-cards

#

it worked for me, and the first payment didn't require 3DS

#

in the rare case where the user's card mandates 3DS for all payments, Stripe will email them to ask them to authenticate. So it all seems to work out well

main saddle Oct 18, 2021, 4:38 AM

#

For now, I don't put off_session but I will add that flag in my code.

#

it worked for me, and the first payment didn't require 3DS
in the rare case where the user's card mandates 3DS for all payments, Stripe will email them to ask them to authenticate. So it all seems to work out well

This is great news. I will try it on my end as well. But thank you so much for your help

glass gyro Oct 18, 2021, 4:39 AM

#

you're welcome!

#eranga