Skarmoryman - 3DS | Stripe Developers | Page 1

turbid citrus Mar 10, 2022, 7:05 PM

#

turbid citrus Mar 10, 2022, 7:20 PM

#

Hi 👋
Sorry for the wait

#

This disables forcing 3DS from Stripe's end but it does not prevent the issuing bank from requiring 3DS authentication. So if the bank returns a response that they require 3DS, we will still proceed with 3DS and our test cards reflect that behavior.

main gulch Mar 10, 2022, 7:23 PM

#

Ok thanks. Is there a way to override that behaviour? Maybe just reject it if 3ds is required?

#

Basically I don't want there to ever be a 3dsecure prompt.

turbid citrus Mar 10, 2022, 7:25 PM

#

Because 3DS is a requirement coming from the banks (when not enabled by Radar rules on our end) the only way to avoid this would be to decline the payment intent if it came back with a next_action status indicating it requires 3DS.

#

https://stripe.com/docs/payments/3d-secure

#

It was almost entirely European banks requiring 3DS but recently we've seen an uptick in MasterCard requiring it as well. I understand you don't want to show the modal but it could result in many more declined charges over time.

main gulch Mar 10, 2022, 7:30 PM

#

@turbid citrus Thanks a lot. So following the link you posted, I can avoid ever going to 3d secure right?

Also thanks for heads up, but this is not up to me. May change once 3d secure becomes more common where I am.

turbid citrus Mar 10, 2022, 7:32 PM

#

The link I provided gives an overview of how 3DS works with Stripe and the values that indicate when 3DS is required. We don't have docs explicitly to cancel payments with 3DS because we generally want you to get paid as much as possible.

#

But the doc, and the linked API docs, should give you enough info to write a flow that catches payment methods that required 3DS

main gulch Mar 10, 2022, 7:33 PM

#

great, thank you

#

@turbid citrus Just one more question. If 3ds still requested if bank requires it, what exactly does the radar rule refer to when it says **Request 3D Secure if 3D Secure is required for card **? I thought this meant if the bank required it.

turbid citrus Mar 10, 2022, 7:46 PM

#

Banks can require 3DS per auth request. This radar rule triggers it automatically regardless of whether the bank requires it this time or not.

main gulch Mar 10, 2022, 7:50 PM

#

ok so basically this rule just checks if this card in general is 3d secure required. However it has nothing to do with whether the bank is requiring it at this moment.

plain hatch Mar 10, 2022, 7:54 PM

#

Hi there! Stepping in for @turbid citrus as he needs to step away. Give me a second to catch up.

#

Hi there, so firstly I would strongly recommend that you implement support for 3DS regardless of where you are located! More and more non-SCA affected issuers are enforcing 3DS for security reasons.

#

In terms of the Radar rule, this will help ensure that Radar triggers 3DS based on our mapping of cards/issuers that require it. However, an issuer can still require it separately from Radar at any point.

#Skarmoryman - 3DS