Menu
I'm currently using stripe and ask customer to register the card (via stripe).
After the first checkout, the customer has his card registered. This customer can re-use this card for another checkout and I want to ask the CVC / Card Security Code for preventing the low security passwords.
Is there a call to the stripe api for this "CVC authentication" ?
Thank you
577
Note: Although you may choose not to require CVV or Postal Codes, requiring these options can significantly impact your declined transactions count as your clients' card issuing bank may need one or both of these pieces of information to approve the transaction.
Card verification code check (CVC)You can perform CVC verification by providing the CVC value either when you create a payment with a new card payment method, or when you attach a new card payment method to a customer. To re-verify the CVC on a previously saved card, refer to the integration guide on CVC recollection.
After a payment is authorized, the amount is guaranteed and held on the customer's payment method. You need to capture the funds before the authorization expires. If the authorization expires before you capture the funds, the funds are released and the payment status changes to canceled .
You can use previously saved card details to charge customers later. For one-time use, create a PaymentIntent and attach the saved payment method. You can't reuse an attached payment method unless you collect payment details again by either saving a card from a PaymentIntent or reading a reusable card.
There's unfortunately no way to do this with Stripe at the moment. There is no API you could call that would use a saved card and where you would pass the CVC along so that it's sent to the bank and checked again.
You either need to ask for the full card details again or simply rely on the saved card itself. When you create the customer and the card you can check if cvc_check is set to pass to make sure that the CVC was sent and validated by the bank so that you don't have to ask for it again in the future.
51
This is possible now. From the Stripe docs:
When creating subsequent payments on a saved card, you may want to recollect the CVC of the card as an additional fraud measure to verify the user.
Start by creating a PaymentIntent on your server with the amount, currency, and your Customer ID. List the PaymentMethods associated with your Customer to determine which PaymentMethods to show for CVC recollection.
After passing the PaymentIntent’s client secret to the browser, you’re ready to recollect CVC information with Stripe Elements on your client. Use the cardCvc Element to recollect a CVC value from your user, and then confirm the payment from your client using stripe.confirmCardPayment. Set payment_method to your PaymentMethod ID, and payment_method_options[card][cvc] to your cardCvc Element.
stripe.confirmCardPayment(clientSecret, {
payment_method: '{{PAYMENT_METHOD_ID}}',
payment_method_options: {
card: {
cvc: cardCvcElement
}
},
}).then(function(result) {
if (result.error) {
// Show error to your customer
console.log(result.error.message);
} else {
if (result.paymentIntent.status === 'succeeded') {
// Show a success message to your customer
// There's a risk of the customer closing the window before callback
// execution. Set up a webhook or plugin to listen for the
// payment_intent.succeeded event that handles any business critical
// post-payment actions.
}
}
});
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
