Comments (20)
In the UK, 3D Secure is just accepted and used most of the time. It offers additional assurance to the vendor, and consumer just kind of accepts it without really understanding what it is for. Of course when there are no goods changing hands - online services where you don't really lose anything if a card turns out to be a stolen number - then 3D Secure can be turned off and the vendor takes the hit.
tl;dr: In the UK, it's big.
from omnipay-stripe.
As the maintainers are not interested in this integration continuing to be usable, I guess we're left with either doing it ourselves or ripping Omnipay out of our projects.
I'd rather the former than the latter. Anyone else interested in working on this?
Without wanting to be divisive, this is the situation with Active Merchant, Spreedly and Omnipay. Which is why you should take a look at our product, you get lots more out of the box with one payments API. We've already updated to the new Stripe API and will be doing so for all our supported gateways - [link removed]
from omnipay-stripe.
There isn't any support for it yet, and there's a general level of suspicion in the community about 3-D secure, it's considered by a lot of people to be a bad idea from a merchant point of view. If someone wants to add it then I'll consider a PR but I have no plans to do so myself.
from omnipay-stripe.
Any update on this?
Keep in mind that the EU's Payment Service Directive 2 requires the use of strong customer authentication for any kind of online payment over 30 EUR.
So you can expect a ban on transactions without 3D secure pretty soon...
from omnipay-stripe.
Right on cue: https://stripe.com/docs/strong-customer-authentication
from omnipay-stripe.
After having a discussion with the Stripe support, I would like to add my own: at the present state, it is impossible on Stripe to save a card token and pay later with 3D Secure, even with the newest Payments API. So, if you wish to support 3D-Secure, your payment should be contextual to the input of the card.
from omnipay-stripe.
So does anyone have a PR for this?
from omnipay-stripe.
How dare you, @barryvdh, ask us to contribute to a software that is given for free, support included? Go back to work, never to be heard until next complaint!
I'm joking: first, please kindly.accept my thanks for such a good software, that I've used in the past for a non profit event, we collected a lot of money that went to poor families that got struck by an earthquake here in Italy. I am thinking about starting work on this feature, but it would be ready in a month or two, because of my schedule. Also, I could need an hand with proper formatting and testing.
Would be ok? Or is there anyone else that is already tackling on this feature?
I would also like to add that it could be maybe possible to add the newest SEPA payment type (automatic EU wire transfer) in a single swoop, while upgrading to the new API.
from omnipay-stripe.
Hi @digitall-it, did you make any progress on this? Here in the UK every merchant I've worked with requires it because it shifts liability onto the card issuer.
I've built my own code to handle Stripe's 3DS on some sites, but this time round needing PayPal Checkout too, have looked at Omnipay thinking it's silly to keep doing my own integrations using the native SDKs. But unfortunately, no 3DS for Stripe, no benefit to Omnipay :(
from omnipay-stripe.
There's a new library that needs to be integrated. The problem with payments is that to contribute with good code, you have to work in a TDD environment. That means that you have to write all sort of tests and have them all pass when you code, so the development is a little slower but a little more reliable.
from omnipay-stripe.
wonder if there is some progress made to this. 3D secure is a big deal in Europe
from omnipay-stripe.
It's actually going to be a regulatory requirement in Europe to require 3DS and more specifically version 2.0 starting April this year
https://www.barclaycard.co.uk/business/news-and-insights/guide-to-strong-customer-authentication
The European Commission has intervened by placing secure customer authentication (SCA) requirements on participants to reduce fraud as one of the core components of PSD2. From the 14 September 2019, the expectation is for all ecommerce transactions to be processed via secured industry protocol such as 3D Secure.
VISA and MasterCard will be mandating that the new version of 3D Secure (version 2.0) should be in place for issuers and merchants by April 2019 in preparation for the mass adoption in September 2019.
from omnipay-stripe.
Not sure if this one helps too https://stripe.com/docs/payments/payment-intents
from omnipay-stripe.
+1 for this too
from omnipay-stripe.
Any comment on whether Stripe's new payment intent is going to be integrated with Omnipay to comply with SCA?
from omnipay-stripe.
As the maintainers are not interested in this integration continuing to be usable, I guess we're left with either doing it ourselves or ripping Omnipay out of our projects.
I'd rather the former than the latter. Anyone else interested in working on this?
from omnipay-stripe.
Sorry, but I don't currently have time to work on this and I'm also not using Stripe at the moment.
If anyone is up for a PR I'm happy to review it though. Not sure what the impact would be.
from omnipay-stripe.
After having a discussion with the Stripe support, I would like to add my own: at the present state, it is impossible on Stripe to save a card token and pay later with 3D Secure, even with the newest Payments API. So, if you wish to support 3D-Secure, your payment should be contextual to the input of the card.
You can tokenise a card and re-use it if the new payment is flagged correctly and meets the rules, this depends on what kind of payment you are doing. If it's MOTO for example then 3D Secure doesn't apply. Plus “low-risk transactions” where the payment provider can do a risk assessment if their’s or the bank’s overall fraud rates for card payments do not exceed certain thresholds; or the value of the transaction is lower than €30, but not if the total sum of the 5 previously exempt transactions is greater than €100 (!). What Stripe haven't done yet is added the ability to flag MOTO correctly in their API.
from omnipay-stripe.
@nickdunse it's fine to be provide feedback, but please don't promote commercial services like this. I've removed your link.
from omnipay-stripe.
@nickdunse it's fine to be provide feedback, but please don't promote commercial services like this. I've removed your link.
Cool, no problem. I'm here to help regardless I spend 100% of my time working with payment providers, so feel free to ask any questions.
from omnipay-stripe.
Related Issues (20)
- Unable to send Stripe request HOT 1
- PHP 8 support ? HOT 1
- SetupIntents - release?
- undefined method getPaymentIntentReference() HOT 2
- Stripe not Receiving Customer Info HOT 3
- get POST data on isRedirect() HOT 1
- ListPaymentIntentsRequest
- `transactionFee` parameter does nothing
- Refund API method not implemented at all when using SCA
- New work not tagged or documented?
- Clarify when to use purchase/authorize/capture and confirm in README
- No release since fix was merged HOT 2
- Checkout gateway purchase request issues
- As per Indian regulations, export transactions require a customer name and address.
- can't use it with klarna or sofort HOT 1
- How to add local stripe other payment method ? HOT 1
- Stripe Payment Intents are not working. HOT 3
- Stripe confirming 3Ds PaymentIntent (with a failed authorization) gives wrong error HOT 1
- CreatePaymentMethodRequest - should billing details be attached to having a card?
- Intents authorize will behave the same as a purchase by default HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from omnipay-stripe.