Fraudulent card - no indicator in error message
210 views
Skip to first unread message
Robin Williams
Aug 9, 2017, 8:58:57 AM8/9/17
to Stripe API Discussion
Hi
We tested payment of an invoice with a fraudulent card, but the error message returned did not appear to include an indicator that the card was fraudulent - or the id of the [failed] charge.
Below are the details of the response.
Thanks very much.
Robin
We tested payment of an invoice with a fraudulent card, but the error message returned did not appear to include an indicator that the card was fraudulent - or the id of the [failed] charge.
It would be helpful for the error to include both these pieces of information.
We tried this on the test system using card number 4100000000000019.
Below are the details of the response.
Thanks very much.
Robin
type: "StripeInvalidRequestError",
stack: "Error: Your card was declined.
at Error._Error (/opt/app-root/src/node_modules/stripe/lib/Error.js:12:17)
at Error.Constructor (/opt/app-root/src/node_modules/stripe/lib/utils.js:99:13)
at Error.Constructor (/opt/app-root/src/node_modules/stripe/lib/utils.js:99:13)
at Function.StripeError.generate (/opt/app-root/src/node_modules/stripe/lib/Error.js:57:14)
at IncomingMessage.<anonymous> (/opt/app-root/src/node_modules/stripe/lib/StripeResource.js:154:39)
at emitNone (events.js:91:20)
at IncomingMessage.emit (events.js:185:7)
at endReadableNT (_stream_readable.js:974:12)
at _combinedTickCallback (internal/process/next_tick.js:74:11)
at process._tickCallback (internal/process/next_tick.js:98:9)",
rawType: "invalid_request_error",
code: "card_declined",
param: undefined,
message: "Your card was declined.",
detail: undefined,
raw: {
type: "invalid_request_error",
message: "Your card was declined.",
code: "card_declined",
headers: {
server: "nginx",
date: "Wed, 09 Aug 2017 12:04:25 GMT",
content-type: "application/json",
content-length: "128",
connection: "close",
access-control-allow-credentials: "true",
access-control-allow-methods: "GET, POST, HEAD, OPTIONS, DELETE",
access-control-allow-origin: "*",
access-control-max-age: "300",
cache-control: "no-cache, no-store",
idempotency-key: "scr.invoices.pay.20170809120425036",
original-request: "req_gnrDygz0MLDpkX",
request-id: "req_gnrDygz0MLDpkX",
stripe-version: "2017-06-05"
},
statusCode: 402,
requestId: "req_gnrDygz0MLDpkX"
},
headers: {
server: "nginx",
date: "Wed, 09 Aug 2017 12:04:25 GMT",
content-type: "application/json",
content-length: "128",
connection: "close",
access-control-allow-credentials: "true",
access-control-allow-methods: "GET, POST, HEAD, OPTIONS, DELETE",
access-control-allow-origin: "*",
access-control-max-age: "300",
cache-control: "no-cache, no-store",
idempotency-key: "scr.invoices.pay.20170809120425036",
original-request: "req_gnrDygz0MLDpkX",
request-id: "req_gnrDygz0MLDpkX",
stripe-version: "2017-06-05"
},
requestId: "req_gnrDygz0MLDpkX",
statusCode: 402,
Remi J.
Aug 9, 2017, 9:02:03 AM8/9/17
to api-d...@lists.stripe.com
Hey Robin,
I definitely agree that adding the reason for the decline on the response to the Pay Invoice API [1] would be useful. At the moment, we only surface this when you create a charge via the API [2] though. I'll share this with the engineering team to see if that's something we could improve in the future by providing both a `decline_code` property and the charge id in the response.
Cheers,
Remi
--
You received this message because you are subscribed to the Google Groups "Stripe API Discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to api-discuss+unsubscribe@lists.stripe.com.
To post to this group, send email to api-d...@lists.stripe.com.
Visit this group at https://groups.google.com/a/lists.stripe.com/group/api-discuss/.
Adam McGreggor
Aug 9, 2017, 9:15:19 AM8/9/17
to api-d...@lists.stripe.com
Might a decline code with some reasons perhaps be construed as tipping off in some circumstances?
--
    |
| |||||||
| 1-005 WeWork Waterhouse Square 138 Holborn, London, EC1N 2SW | |||||||
Remi J.
Aug 9, 2017, 9:17:07 AM8/9/17
to api-d...@lists.stripe.com
Hey Adam,
The code is returned server-side after the API request on charge creation already. You don't have to surface that specific error code to the end-user but it is useful for you as the merchant to be able to better understand why a given charge was declined and then decide what to do moving forward for that card or customer.
Robin Williams
Aug 9, 2017, 9:17:59 AM8/9/17
to Stripe API Discussion
Thanks Remi - that would be great.
To unsubscribe from this group and stop receiving emails from it, send an email to api-discuss...@lists.stripe.com.
Reply all
Reply to author
Forward
0 new messages