#wanna-3ds2

Hi there, Stripe SDKs support 3DS2 by default: https://stripe.com/en-gb-sg/guides/3d-secure-2#how-does-stripe-support-3d-secure-2

As you mentioned you are working with Flutter, I was wondering if this is what you are using: https://pub.dev/packages/flutter_stripe, unfortunately Stripe does not have any official support for this Stripe Flutter SDK, you might want to reach out to the community for more support on this specific topic, thank you.

Hi thanks for your response.
We are already using flutter_stripe sdk and we have also tried stripe_sdk, another package, but none of them seems to work with 3DS2 (3DS works fine).
I was wondering if setting set_stripe_sdk to false, and return_url to our app universal uri could led to making 3DS2 a redirect to page instead of requiring push notification or fingerprint auth. Unfortunately, this works in test, but we don't have any tool to test in production

setting set_stripe_sdk to false, and return_url to our app universal uri could led to making 3DS2 a redirect to page
yep that's exactly what it does

Ok that's great!

but it might still require a push notification, depends on the bank! But if you force a redirect then you don't get the native 3DSv2 UI(https://stripe.com/docs/payments/3d-secure#when-to-use-3d-secure under the iOS tab shows examples of that UI) that the SDK provides

So in that case the issuer(bank) would not enforce the usage of a notification?

Ah ok

when you say ", but in my case fails with 3ds_fingerprint" what does that mean exactly? Do you have more information? Maybe the PaymentIntent ID pi_xxx with a problem?

they might! it's just a redirect to their page. The way the customer authenticates is up to their bank, maybe the bank sends them an SMS or a push notification. In most cases you want the native flow though as it's more robust.

Yeah sure, we had some payment which failed with use_stripe_sdk in the next_action field of the PaymentIntent API

Okay, so actually until we will be using flutter, the native flow could fail anywayù

to be clear that in itself shouldn't be a problem. But sometimes people make the mistake of they look inside next_action.use_stripe_sdk for a URL to redirect to, which is wrong and not what you're supposed to do. There is no URL for 3DSv2 (since instead it contains information for presenting that native UI) and their code breaks, so maybe that's what is happening in your case?

or if you do use the SDK and 3DSv2 fails somehow, I need to look at an example.

pi_3Jw6N4IwEQ1cVQGW0aaPMNAE
This payment intent failed with a message on the phone of the customer

We are actually using the packages which try to perform a confirmation of the payment with the next_action field, but it doesn't work

with a message on the phone of the customer
can you expand on that?

in our logs all I see is creating the PaymentIntent, but there was no activity with trying to authenticate the 3D Secure process after that.

Maybe if we redirect to a self built page, which uses Stripe.js, it could be better to handle the process? Not a checkout page but only the 3DS confirmation

Ops sorry, maybe it wasn't the correct payment intent, let me check which it was

pi_3Jw6N4IwEQ1cVQGW0aaPMNAE
This was the message the client received, the traduction of the last part is "3D Secure is not active o the site is not certified"

Could be related to the certificate passed in the next_action field

hmm. I'd ask the customer to reach out to their bank. It's not uncommon for banks 3D Secure implementations to be broken unfortunately.

but yeah there's nothing in our logs about this, all I see is you creating the PaymentIntent and there's no interaction with the 3D Secure information after that(like no logs for the challenge in the UI being interacted with)

Ok as I was thinking

It's actually a bad thing because the main service provider in Italy is Nexi, which is the bank failing

As my first guess, I'm not sure all the banks use Nexi

Do you have any suggestions on this?

If it's on the banks, we can only try to increase the success rate, we only have to find the best way to handle this

might help, hard to say! Some bank's implementations of 3D Secure v2 might be broken as it's new-ish and maybe their rollouts are broken, so using an older approach of a redirect might help. Impossible to say really.

Okok, but the Stripe.js SDK has some functions to handle 3DSv2?

it will present it yep! It's not a native interface since it's not inside a native app but it should still work. (but the native app should work too really, the problem here seems more like an issuer/bank problem).

Okok then we'll try both ways, only one more question, there will be any native implementations of a flutter sdk in the near future?

can you clarify? But basically we have an iOS and Android SDK which are the core things we develop, and then we have React Native and Flutter wrapper SDKs which bridge/link to those, and that's not likely to change.

they are all native though(like they use the native iOS/Android libraries when running on the device)

Yeah, i was asking if there are any plans on creating a official flutter SDK

There is already a flutter SDK wrapper? Do you have a link to this?

it's the one linked above https://pub.dev/packages/flutter_stripe

it's official in that we support the development of it, but internally we don't use Flutter itself and my team doesn't have training on it so we're limited in how much we can help in terms of supporting use of it unfortunately

Aaah, sorry I didn't understood

Okay, I've asked this question a month ago to the email support if the package was official but they told me it wasn't

Okok then its perfect then