[ad_1]
How to choose an online payment solution and our picks
The payment provider is selected based on a number of different criteria. Some of these are availability of the service in the country where you have a bank account, transaction costs, monthly fees, integration costs, and whether it resolves sales tax issues or allows integration with some other well-known payment solutions. Is. You will have to answer many of these questions to the client. Stripe is our preferred choice as it had excellent API capabilities. This article will be using Stripe as your payment processor of choice.
Best practices for payment providers
Try again if the transaction is not successful
The transaction may not only fail due to technical reasons but sometimes insufficient funds may also be the reason. You should try to process the transaction again within an hour to a few days.
Know when your CC will expire
Some card details will expire or their data will not be valid for various reasons. When you do not have valid CC data it will not be possible to charge the customer. Major card schemes provide a service that lets you check whether any updates are pending for the customer data stored by you. Some online payment solutions will even update the card information for you. Stripe will do this for most MasterCard, Discover, and Visa cards. Not only C.C.
Keep in mind that in some parts of the world people are reluctant to pay with their credit cards
The best example of this is China where Alipay is the main payment source. It’s worth noting that not all customers are happy with giving out their card details, so using a well-known payment method helps increase the completion rate of a potential transaction. Stripe also supports Alipay for China and Giropay for Europe, iDEAL
we want paypal
Sometimes customers just want to use PayPal because they are familiar with the brand. Don’t be stubborn – Stripe will help you maximize your profits. Stripe and PayPal are direct competitors, there is no integration between them.
Best practices when using Stripe payment processing
PCI Compliant with Stripe
Most users become PCI compliant by filling out the Self-Assessment Questionnaire (SAQ) provided by the PCI Security Standards Council. The type of SAQ depends on how you collect card data. The simplest method of PCI verification is SAQ A. The fastest way to become PCI compliant with Stripe is to make sure you qualify for SEQ A, which is already filled out. In your account’s compliance settings after the first 20 or so transactions. Here’s how to get it:
– Use Embedded Forms called Checkout, Stripe.JS and Elements (It provides better layout customization after checkout). You can use react-stripe-elements which uses the stripe.js API or the Stripe Mobile SDK libraries. When you are using react-native then go with tipsy-stripe. ipsi-Stripe bindings are not officially supported by Stripe, so support won’t officially tell you whether they qualify for prefilled SEQ-A compliance – but they do.
– If you are using a web service then your payment pages should use HTTPS.
In all those cases the data is securely transmitted directly to Stripe without going through your servers. You don’t have to do anything else when you choose the fastest way. It’s as simple as that, until you reach 6 million transactions per year, then you must file a Report on Compliance to validate your PCI compliance annually.
Be prepared for technical failure – Idempotency key
If you are using API to take payments then you should be prepared for technical failure as all networks are unreliable. If a failure occurs it is not always possible to know whether the charge was carried out or not. In case of network failure, you should retry the transaction. Idempotency key is a prevention mechanism against charging a customer twice. If for some reason you have submitted the payment twice – which may be due to retry after failure. In the Stripes node lib you add this to the options parameter when charging. Each Idempotency Key will expire after 24 hours, so after that time you will be charged the customer if you make a payment with the same Idempotency Key.
Stripe charges in cents not dollars
Online payment solutions like PayPal charge in dollars instead of cents. But at Stripe all charges are made in the smallest currency unit. This isn’t just with respect to the dollar, Stripes does this for all currencies.
Examination
Stripe provides multiple card numbers for you to test different scenarios on the frontend and tokens so you can test your backend directly. For example, you can test not only Visa, MasterCard, American Express, Discover, Diners Club and JCB cards but also International cards and 3D Secure cards. Stripe also provides you with tokens so you can test failure scenarios such as a charge declined, or a charge blocked because it’s fraudulent, card expired, or processing error. So you’ll be prepared for whatever may happen when you go live.
Don’t put JSON in the description – use metadata
Be as descriptive as possible. Metadata is your friend. You can enrich your Stripe transactions with custom data so that you can view it in the dashboard. For example you can add things like Customer_id or Shipping_id to the metadata, so there’s no reason to pollute your transaction details.
Should I be collecting more data?
The minimum to get from a CC is its number, CVV and expiry date but you can collect more. You can also collect the Zip Code / Name / Address of the CC holder for Address Verification System (AVS). If you collect them it will enhance payment security as fraud prevention algorithms will have more data and will be able to react more accurately. However, from the user’s point of view it is more data to type – which is not always good. Customers are only human and sometimes make mistakes while entering data which may lead to rejection of some transactions. So you have to decide how much data you need and which data will work best for you and your income. Equally banks will sometimes decline payments with ‘don’t honor’ status and you will need to contact your customer to ask their bank why (high level of recent activity on the card, matching AVS information shortage, a card being over its limit, or a range of other reasons known only to the bank).
a stripe payout example
Collecting CC Data – (Tokenization Explanation and an Example)
To collect CC data we can use checkout, stripe.js elements lib, react stripe elements lib which uses stripe js, mobile lib, and react native tipsy-stripe. Checkout offers a selection of forms for collecting data, while other methods require you to design your own custom form. The process of securely collecting CC data using a payment provider is called tokenization because we are exchanging all sensitive data for short-lived data tokens. And that’s all about tokenization. This token can later be used to charge the customer a one-time fee or to create a customer (see section below). The following example will focus on the simplest method of tokenization called checkout. When using checkout we have two options, Simple and Custom. Let’s look in the code.
checkout simple option
Everything is provided for you from the selection of options to the checkout simple option. All you have to do is embed the following code in your webpage:
Now let’s see what we can do with the token on the backend
Charging a Customer – An Example
The token is passed to the backend. Uses Node to create clients and then charges them based on the returned client ID when needed.
import stripe-module from ‘stripe’;
import config from ‘../config/config’;
import logger from ‘../log’;
class StripeService {
the creator () {
const {stripe} = config();
this.stripe = stripeModule(stripe.secretkey);
,
createCustomer(stripeToken, email) {
logger.info(`creating client ${email}`);
return it. Bandage. Customer. create ({
E-mail,
Source: StripeToken,
,
,
This will return the token but remember to handle errors that may arise. If the response is successful then just look for the ID that belongs to the customer and save it for later use. You would use the customer ID to charge the user. Let’s see how to do this:
chargeCustomer(customerId, amount, description, IDPotencyKey) {
return it. Bandage. charge. create ( {
Quantity,
Currency: USD’,
customer: customer id,
description: description,
,
idempotency_key: idempotencyKey,
,
,
That is all? Yes, but please remember to be prepared to fail and try again if necessary.
Signing up for events – an example
Stripe can update the client CC if it has expired and it works for most Mastercard, Discover and Visa cards. How is this possible? – The Stripe card works with the network and attempts to automatically update card details whenever a customer receives a new card. When the card information is updated you will receive a webhook with the following event type: “customer.source.updated.” You can also sign up to be notified before the expiration date with the “customer.source.expiration” event. Webhooks are a common way to sign up for the various events that Stripe produces. They’ll call you in a push way so you don’t have to pull for information and all you have to do is expose a webhook. No need to use Stripe webhooks if you’re only interested in card payments. Webhooks are configured in the Webhook Settings section of the dashboard, where you can add a new URL to receive the webhook. The arguments to the webhook must be passable and the webhook signature must be verified.
import stripe-module from ‘stripe’;
import express from ‘express’;
import bodyparser from ‘body-parser’;
const STRIPE_SECRET_KEY = ‘sk_test_your_key_here’;
const WEBHOOK_SECRET = ‘whsec_your_key_here’
const stripe = stripe module (STRIPE_SECRET_KEY);
const app = express();
app.use(require(“body-parser”).raw({type: “*/*”}));
// this will be called by stripe
app.post(‘/webhook/test’, (req, res) => {
const signature = req.headers[‘stripe-signature’],
const event = stripe.
// process the event – make sure you’re ruthless
if (eventWasNotProcessed(event)) {
handleEvent(event);
,
res.json({received:true});
,
app.listen(8000, () => console.log(“running on port 8000”));
other stripe abilities
Stripe services are not limited to the payment services that we have looked at in this article. Stripe also offers:
– Subscriptions: Charging customers for recurring subscriptions. Stripe has several plans for each customer, including discounts
– Connect: A solution to use when you act as a platform between customers and vendors. With this solution you can transfer money to/from your customers and vendors.
Sigma: A facility to write custom reports which will be available in your dashboard. This is done by writing ANSI SQL queries against the Stripe schema. You can also use scheduled queries to further automate things – results will be sent via webhook event or email. Just be aware that using Sigma is not free and does incur additional costs.
– Radar – A fraud protection machine learning system. You can use it when it’s integrated with Checkout, Stripe.js, Elements, and Mobile SDK integration (tipsy-stripe will work here too).
Epilogue
With this knowledge you can process your first payment. Remember when choosing Stripe that you are responsible for your own PCI compliance after the first 6 million transactions.
[ad_2]