#popchenk-tokens

HI there 👋 mind if I ask what you're hoping to accomplish with the token?

yes sure, so basically I am trying to store the card after a successful payment, so we can use it in the future (so the customer does not need to worry about paying next billing cycle). Kinda like a subscription but with floating price and fixed date. I have read this in the docs: https://stripe.com/docs/saving-cards , but we actually don't want our customer to write his card info into our site. So I was wondering if it was possible to use the redirect checkout and after a successful payment, we would get the token and use it to bill the next cycles. I hope this is understandable :D.

also wondering if there are any 3D checks after billing the customer using the token ?

Gotcha, this is an older guide that's still using Charges and Tokens (a legacy approach now), so I want to double check whether you're referring to the new Checkout flow or the legacy version of that?

uhh, I am using this: https://stripe.com/docs/payments/accept-a-payment?integration=checkout

Okay, that is the newer flow. When you create the Checkout Sessions, you can use the payment_intent_data.setup_future_usage parameter to indicate that the Payment Method should be saved:
https://stripe.com/docs/api/checkout/sessions/create#create_checkout_session-payment_intent_data-setup_future_usage
https://stripe.com/docs/payments/payment-intents#future-usage

Whether 3DS will be required will depend on how you save the Payment Method. If you save it for off-session payments then we attempt to optimize the flow by requesting an exemption from 3DS, but it's ultimately up to the issuer of the payment method whether they honor that exemption. Typically they will, but you should have a flow prepared to handle the case where they don't.

Oh ok, thank you so much, one last question, how does the 3D authentication works ? Do we get like a link that the customer needs to click and fill out, or is it like some app authentication where he just clicks "ok" on his phone or something and then we just get a webhook with the successful payment details ?

It's a modal that will appear on top of the checkout page, and the exact flow will fluctuate based on issuer but it's usually some form of 2FA.

We have a couple test cards that always trigger a simulated 3DS flow (though you just click in the popup to approve them) if you want to test what that looks like.
https://stripe.com/docs/testing#regulatory-cards

ye ye, my question is though, if we use the off-session flag, do you(Stripe) let the customer know that he needs to verify himself via email or something ? Or do we need to do that on our side ?

Hello taking over for toby

If it's off-session, you can enable stripe to send the customer an email to confirm the auth

https://dashboard.stripe.com/settings/billing/automatic

Scroll down on that page and it has sca options

Thank you so much guys, I owe yall a beer

No problem! Have a good one!

To clarify, that automatic flow is for payments made as part of Stripe Billing, so it would include Invoices or Subscriptions. If you're processing one-off off-session payments, and the issuer requires 3DS/SCA for that payment, then the request where you try to confirm the payment will fail with an error and you would need to bring your customer back on session to complete the flow.

If you already have a Stripe Elements flow in place, then you could send the user through that to confirm the payment. If you're just working with checkout then it'd probably be easier to just cancel the errored payment and create a new Checkout Session for the customer.