Payment and Setup Intent Question for 3DS

[Frank]

So currently i have this project where we do these steps to take payment:

1. Create customerID

2. Create paymentMethodID

3. Create paymentIntentIDs at a unknown time afterwards every time they use our service. This is done on our server.

This works well and good for all CC that do not require 3DS but does not work when it does. This is because we cannot challenge the user to a 3DS flow because when we create the paymentIntentID it is done after the user has closed the app.  We have tried using setupIntentIDs so that when they register their payment method we also create a setup intent classified for off_session use. The intended outcome is when they enter the payment method they are challenged for the 3DS flow then on the server when the payment intent is created we would no longer be required to challenge them for the flow. This however is not working. The setup intent is created correctly but subsequent payment intents that are created still are "requires_action".

Do i have the wrong idea about how setup intents work? Is there an additional step i have to do when generating the payment intents? Any help would be appreciated.

Thanks,

Frank

[Remi J.]

Hello Frank,

Using the SetupIntents API is the correct path forward here and would look like this:

1. Create a Customer

2. Create a SetupIntent with `usage: 'off_session'` to collect payment method details for future payments and 

3. Confirm the SetupIntent client-side which will attach the PaymentMethod `pm_123` to the Customer.

In the future, when you want to charge the customer for a specific service and they are not on your application, you can create what we call an off session payment. This is done by passing `off_session: true` during the PaymentIntent creation/confirmation.

If you don't pass `off_session: true`, it indicates that your customer is on session in your application and ready to go through 3DS if needed for example. Most of our 3DS related test cards will go through 3DS in that case. But if you pass `off_session: true` properly, then the test card 4000002500003155 documented here [1] would properly skip 3DS.

It's important to note that even if you have properly done 3DS via SetupIntent, it's possible for the bank to still require 3DS and decline the payment. It's similar to having insufficient funds on the card or just a generic decline though. In this flow, you contact your customer and get them to come back on your app to pay on session.

Hope this clarifies the situation!

Best,

Remi

[1] https://stripe.com/docs/testing#regulatory-cards

--
To unsubscribe from this group and stop receiving emails from it, send an email to api-discuss...@lists.stripe.com.