During Stripe OAuth, I'm trying to create myself as a customer for my users such that I can pay them with my own credit card.
I've gotten 2 error messages when using Stripe's CreateCustomer API call:
When manually entering my card info as a "dictionary" (in PHP, i.e., array).
OAuth based requests must use card tokens from Stripe.js, but card details were directly provided.
When generating a card token first and feeding that instead into CreateCustomer()
Your card was declined.
Is creating myself as a customer for other Stripe users not possible?
Related
I want to make sure the card the customer has entered is actually a valid card. Stripe.js only validates its format, it doesn't ask for an authorization from the card issuer. But it seems Stripe requires you to create the customer to authorize the card, but this is a bit silly since the logical flow should be this:
Validate form input via stripe.js, and obtain token if format is valid
Authorize token via backend API (PHP/Ruby etc)
If authorized, create card + customer using token, add subscription/charge customer
If NOT authorized, return to form with appropriate error, and do not create the customer/charge.
How do you actually achieve this in Stripe? Is there a dedicated Stripe\Card::authorize($token) method or something similar that can be used?
When you save a card to a customer Stripe does a $0/$1 authorization on the card. You can pass the card when you create the customer, and the customer would only get created if the authorization succeeds. In addition, you can specify the plan and card when creating the customer, the customer and subscription would only get created if the card is valid AND the charge for the first period of the subscription goes through.
the scenario you describe is covered here:
https://stripe.com/docs/charges#auth-and-capture
api is here (also available in php/java/go/node/curl)
https://stripe.com/docs/api/ruby#create_charge
There was a bug in our system for a few days which meant we were taking payments on Stripe but weren't joining the card to the new customer. We need the card to be attached to the customer so that we can charge them again.
Knowing only the card information from the first charge (ie card_123) is it possible for me to add the card to the customer?
From what I see, I need a token to be able to do this and to generate a token I need the raw card data.
If you created the charge directly with a card token in the source parameter, then it's not possible to retrieve the card data afterwards and attach it to a customer object.
You will have to ask your customers to provide their card information again, generate a new token, and attach this token to customer objects.
I want to have the customer enter their card info once and have a "pay now" button that will save the users info for future payments without them having to reenter there info and stripe says this can be done if you create them in a user object.
When the user is entering their info in and saving it in a user object where it saves on the stripe side, I dont understand how this is secure, even with tokens. Couldn't the developer add another function to go along with the stripe custom forms 'submit' or 'pay now' to send the card info somewhere else before or simultaneously while stripe is generates the token? And if I want, can I have the last four digits be displayed of their "current card" in my hybrid ionic app? Can someone please explain to me what I'm missing?
Im sending the customers payment token over the wire for a affiliate to process the payment (my apps only on the client side), and because share the token does not put the card at risk, are there any security concerns I should be aware about?
Yes, a nefarious developer could easily do whatever he wants with the customer's credit card information and that would have nothing to do with Stripe. Stripe and every other payment processor assumes that its developers/clients are not using their services for malicious reasons and I'm sure if such evidence surfaced their account would immediately be revoked.
Stripe's security model allows developers to trust Stripe to store their customers' credit card numbers securely for them so that they can focus on developing their product, not worrying about building a PCI-compliant credit card database store. The idea is you hand over a customer credit card number to Stripe in exchange for a token (customer ID) which you later reference when making subsequent charges to that customer's card.
As for the last 4 digits of the card, yes that is easily obtainable via the Stripe API
https://stripe.com/docs/api#cards
I have got a stripe token from stripe js, Now I want to charge the customer. How do I send the billing address along with the stripe token for charging. My objective is to validate zip code and address_line1 which I have enabled at the stripe dashboard.
Note:- I can send the billing info without using a stripe token, by using the card details entered. I want to do it using the token received. Is it possible?
The best solution is to send the billing address details when creating the token with Stripe.js This is covered in the createToken() documentation where it lists all the fields you can provide.
Otherwise, you would save the card on a customer first and then use the Update Card API on the server to provide the billing address.
My requirement is, from my application I want my user to transfer the amount to another user of my application. Assume that both user have stripe account. I have gone through stripe docs, and I understood that in order to do transfer from one user account to another I need to use stripe connect. I could able to do authentication and I'm getting access token successfully for the sender. How can I make a transfer to a recipient ? I have only recipient's email id with me. Should I need to create a recipient through code and do the transfer using that recipient id returns from stripe ?
Im using php. Please help me.
Stripe Connect doesn't work like that. Instead, Connect allows an application to make card charges on behalf of a user and take a portion of the amount. The rest is automatically and immediately put into the user's Stripe account, where it's subject to the normal bank account transfer rules (2-7 day rolling transfers or API-driven manual transfers).
Another way to do this is using Stripe Recipients and Transfers. For example, your application charges a customer $10. You create a Recipient for your user using their bank account information (account number and routing number). Then, you can create a Transfer from your Stripe account to their bank account. Note that this only works for US bank accounts as of today.
If you really want to do user to user transfers, unfortunately Stripe isn't the platform for you. You could use PayPal or you could possibly use Balanced Payments, although again you can only transfer money to and from US bank accounts.