How to choose an online payment solution and our choice
Choose a payment provider based on many different criteria. Some of these are service availability, transaction costs, monthly fees, integration costs, and whether to resolve sales tax issues or allow integration with other well-known payment solutions in the country where your bank account is located. Customers must answer many of these questions. Stripe is our first choice because of its excellent API capabilities. This article will use Stripe as its preferred payment processor.
Payment provider's best practices
If the transaction is not successful, try again
Transactions may fail for technical reasons, but sometimes insufficient funds may be the cause. You should retry the transaction in one hour to a few days.
Know when your CC expires
Some card details will expire or, for various reasons, their data will no longer be valid. When you do not have a valid CC data charge, the customer will not be able to proceed. The services provided by the Primary Card Program allow you to check if there are any updates to the customer data you are storing. Some online payment solutions will even update your card information for you. Stripe will do this for most MasterCard, Discovery and Visa cards. Not just CC.
Please note that in some parts of the world, people are reluctant to pay by credit card.
The best example is China, when Alipay is the main source of payment. It's worth noting that not all customers are happy to give their card details, so using well-known payment methods can help increase the completion rate of potential deals. Stripe also supports Alipay for China and Europe Giropay, iDEAL
We want PayPal
Sometimes customers just want to use PayPal because they are familiar with the brand. Don't be stubborn - stripes will help maximize your profits. Stripe and Paypal are direct competitors and there is no integration between them.
Best practices when using the Stripe payment process
Strape-compliant PCI
Most users follow the PCI standard by filling out the Self-Assessment Questionnaire [SAQ] provided by the PCI Security Standards Council. The type of SAQ depends on how you collect your card data. The easiest way to verify PCI is SAQ A. The fastest way to become PCI compatible with Stripe is to make sure you are eligible for pre-populated SEQ A. If so, Stripe will fill in SEQ A for you and will allow you to download it. After about 20 transactions, in your account's compliance settings. The way to achieve this is as follows:
- Use embedded forms called Checkout, Stripe.js and Elements [it provides better layout customization, then Checkout]. You can use react-stripe-elements that use the Stripe.js API or Stripe Mobile SDK. When you use react-native, use tipsi-stripe. Stripes don't officially support ipsi-stripe bindings, so support won't officially tell you that they match pre-populated SEQ-A compliance - but they do.
- If you are using a web service, your payment page should use HTTPS.
In all cases, data can be safely transferred directly to Stripe without going through your server. When you choose the fastest way, you won't have to do anything else. It's as simple as you reach 6 million transactions per year, and then you must complete a compliance report to verify your PCI compliance every year.
Prepare for technical failure - idempotent key
If you use the API for payment, you must be prepared for a technical failure because all networks are not reliable. If a failure occurs, it is not always possible to know if it is charged. If the network fails, you should retry the transaction. The Idempotency key is a preventive mechanism that prevents customers from charging twice. If for some reason you submitted two payments - this may be due to a retry after a failure. In the Stripes node lib, you only need to add it to the options parameter when charging. Each Idempotency key will time out after 24 hours, so if you pay with the same Idempotency key, you will be charged a fee.
Stripe charges are calculated in cents instead of dollars
Online payment solutions such as PayPal are charged in US dollars instead of US dollars. But in stripes, all costs are calculated in small currency units. This is not just a case related to the dollar, Stripes has done for all treaties.
test
Stripe provides a number of card numbers that allow you to test different scenarios on the front end and tokens so that you can test the back end directly. For example, you can test not only Visa, Mastercard, American Express, Discover, Diners Club and JCB Cards, but also international cards and 3D security cards. Stripe also provides you with tokens so you can test for failed scenarios, such as charges being rejected, or charges that are blocked due to fraud, expired cards, or processing errors. Therefore, you will be prepared for what might happen when you go online.
Don't put JSON in the description - use metadata
Descriptive as much as possible. Metadata is your friend. You can enrich the Stripe transaction with custom data so you can view it in the dashboard. For example, you can add content such as customer_id or shipping_id to your metadata, so there is no reason to pollute your transaction description.
Should I collect more data?
The minimum collection from CC is its number, CVV and expiration date, but you can collect more. You can also collect the postal code/CC holder name/address of the Address Verification System [AVS]. If you collect them, it will increase payment security because the anti-fraud algorithm will have more data and be able to react more accurately. However, from the user's point of view, it needs to enter more data - this is not always good. Customers are just people, and sometimes they make mistakes when entering data, which can also cause some transactions to be rejected. Therefore, you must decide how much data you need and which data is best for you and your income. Similarly, banks sometimes refuse to pay "disrespect" payments. Status, you will have to contact your customers so they can ask them why they are on the bank [the recent activity level on the card, the lack of matching AVS information, the card exceeds its limit, or a series of other reasons, only the bank will know].
Stripe payment example
Collect CC data - [marked explanation and examples]
To collect CC data, we can use Checkout, the Stripe.js element lib, and the Stripe element lib, which uses Stripe js, moves libs, and reacts to native tipisi-stripe. Checkout provides a set of forms for collecting data, while other methods require you to make your own custom forms. The process of using the payment provider to secretly collect CC data is called tokenization because we are exporting all sensitive data for short-term data tokens. This is the whole content of tokenization. This token can later be used to make a one-time charge to the customer or to create a customer [see below]. The following example focuses on the simplest tokenization method called Checkout. When using checkout, we have two options, simple and custom. Let's take a look at the code.
Checkout simple option
In the checkout simple option, all options are available to you. All you need to do is embed the following code into your webpage:
Now let's see what we can do with the backend token
Charge the customer - an example
The token is on the back end. Let's create a customer using the node and then charge them according to the customer ID returned when needed.
Import stripeModule from ' stripe';
Import configuration from ' ../ config / config'
Import the logger from ' ../ log'
Class StripeService {
Constructor[]
Const stripe = config[];
This.stripe = stripeModule[stripe.secretKey];
createCustomer[stripeToken,email]
Logger.info[`Creating customer $ email`];
Return this.stripe.customers.create[
Email,
Source: stripeToken,
];
This will return the token, but remember to handle the error that occurred. If the response is successful, simply look up the id belonging to the customer and save it for later use. You will use the customer ID to charge the user. Let's see how to do this:
chargeCustomer[customerId,amount,desc,idempotencyKey]
Return this.stripe.charges.create[
the amount,
Currency: ' usd',
Customer: customerId,
Description: desc,
,
Idempotency_key:idempotencyKey,
];
this is all? Yes, but remember to be prepared for failure and retry when needed.
Registration activity - an example
Stripe can update the client CC, and if it has expired, this applies to most MasterCard, Discovery and Visa cards. How can it be? - Stripe works with the card network and automatically attempts to update the card details when the customer receives a new card. After updating the card information, you will receive a webhook with the following event: "customer.source.updated". You can also register for the notification before the registration date of the event "customer.source.expiring". Webhook is a general way to register various events that Stripe will generate. You will be called by push, so you don't need to extract the information, all you have to do is expose the webhook. If you are only interested in paying for cards using Stripe webhooks, you don't need to. Webhooks is configured in the webhooks settings section of the dashboard where you can add new URLs for receiving webhooks. The logic of the webhook should be idempotent and the webhook signature should be verified.
Import stripeModule from ' stripe';
Import Express from Express ' ;;
Import bodyParser from ' body-parser';
Const STRIPE_SECRET_KEY =' sk_test_your_key_here' ;;
constant...
Orignal From: How to choose an online payment solution
No comments:
Post a Comment