Strong Customer Authentication
Payments created by the Stripe Connector for NetSuite comply with Strong Customer Authentication (SCA) rule contained within the European PSD2 regulation. The connector creates payments on your behalf in a way that decreases the number of card declines due to SCA, automatically redirecting your customers to complete any additional authentication required by their bank.
If you leverage tools which collect payments on behalf of your customers, payments are created on your behalf by the integration using the new Stripe APIs which satisify SCA requirements.
In some cases, understanding exactly how the new
PaymentIntent API is being used can be helpful in designing your own integration that works nicely with the connector. The documentation below describes exactly how the Stripe Connector for NetSuite uses the underlying Stripe APIs.
- You can use either the payment intent ID (starts with
pi_), or a charge ID (starts with
ch_) when setting the value of the "Stripe Transaction ID" field on SalesOrder or Invoices created by your ecommerce order integration. If you set the NetSuite "Stripe Transaction ID" field to a Stripe payment intent ID (starts with
pi_), the integration extracts the successful charge created by the payment intent and uses that charge for any integration functions.
- Ensure all of the metadata you need on the charge is added to the payment intent metadata before it's confirmed. When the payment intent is confirmed, metadata on the payment intent is copied to the Stripe charge. However, after the payment intent is confirmed metadata is not synced between the payment intent and the charge. There is some metadata that the integration cannot pull from the payment intent. If this metadata does not exist on the charge, transactions may not be integrated into NetSuite as you'd expect.
- Only set the NetSuite "Stripe Transaction ID" field to Stripe payment intent IDs that have a status of
succeeded, if they require further action do not transmit the IDs of the payment intents to the "Stripe Transaction ID" field in NetSuite. Instead, wait until the payment intent has succeeded, then update the "Stripe Transaction ID" of the related transaction in NetSuite.
eCommerce Auth-Fulfill Capture
- All auth-capture reauthorizations use the off-session flag.
- If the payment does not succeed, you will receive an error which is added to the memo of the invoice.
When processing cards manually using the payment plugin, we pass as much data as possible to the card networks in order to leverage any exemptions to the authentication requirements that may be available.
If the card requires further authentication, you'll need use the invoice payment page to request payment from your customers. SCA authentication cannot be handled directly within the payment plugin because the customer is not present to complete the authentication step.
When collecting payment on an invoice or sales order using the payment page your customers may be presented with an additional authentication page if it's required by their bank. If you'd to see the flow your customers may be presented with, visit a payment link from your NetSuite sandbox (connected to Stripe in test mode) and enter one of the SCA test cards.
The customer portal card processing flow is exactly the same as the B2B Payments flow. Customers may be presented with an additional payment verification page if it's required by the customer's bank.
- All automatic payments use the off-session flag.
- If the payment fails you'll see a memo similar to
Your card was declined. This transaction requires authentication.Use the payment link to collect a new payment with authentication.
- If you have both a
invoice_settings.default_payment_methodthe payment method will be chosen. You are responsible for clearing the
default_payment_methodif you want to use a
- PaymentMethods do not yet support ACH payments, so if you use ACH and card payments on the same customer you need to carefully manage the
default_payment_methodcustomer attributes properly.
Payment intents (along with setup intents) do not have a direct equivilent in NetSuite. Instead of integrating either of these records to NetSuite, the underlying charge object generated by the PaymentIntent or SetupIntent is reflected in NetSuite.
PaymentIntents pass their description and metadata fields to the Charge at time of Charge creation – that is, during PaymentIntent confirmation. This occurs when a PaymentIntent is created by the integration, or a system that you control. Subsequent updates to the "charge or payment intent" are not reflected on the other one. In other words, any metadata that needs to be present on the charge, should be added to the payment intent before the payment intent is confirmed.
However, you can create custom mappings which pull from the payment intent metadata. There are some limitations to this approach: some special metadata 'overrides' that the integration supports cannot be managed through payment intent metadata. For example, the
netsuite_invoice_id keys can only be read from the underlying Stripe charge.