Enable 3DS2 for Stripe gateway integration
3D Secure 2.0 (3DS2) is a widely recommended solution for strong customer authentication (SCA) under PSD2. The Stripe v2 gateway integration provides support for 3DS2 through the embedded iFrame of Payment Pages 2.0.
To comply with PSD2 using 3DS2, the following updates are required:
- Enable 3DS2 for your Stripe merchant account.
- Configure the gateway instance.
- Configure 3DS2 settings in Payment Pages.
Then you can implement and use Payment Pages 2.0 as usual. See Payment Pages 2.0 implementation overview for more information.
Enable 3DS2 for merchant account
Before configuring your Zuora tenant, you must enable settings related to 3DS2 for your Stripe merchant account. Contact Stripe Support and provide the following information to enable the required settings:
- Your Stripe account ID
- A statement that you are using the Zuora v2 adapter
- A request for enabling a feature to recognize the
mit_exemption
parameter to avoid the following error when processing payments:
400 [invalid_request_error/parameter_unknown] Received unknown parameter: payment_method_options[card][mit_exemption]
Configure the gateway instance
Only the Stripe v2 version supports 3DS2. If you are using an earlier version of Stripe gateway integration, upgrade your gateway to this version. Contact Zuora Global Support to get access to Stripe v2.
Follow Configure the Stripe payment gateway to learn how to configure Stripe v2 gateway instances.
Configure 3DS2 settings in Payment Pages
The "Best practices" section in Zuora’s implementation of 3D Secure 2.0 provides best practices for reducing the possibility of failed transactions due to 3DS2 authentication errors.
Credit Card Reference Transactions
If you are using the Credit Card Reference Transactions (Tokenization) payment methods through the existing Stripe v1 gateway, you must upgrade to Stripe v2. Contact Zuora Global Support to get access to Stripe v2.
Direct POST
After completing the authentication and authorization outside Zuora, you need to pass through the credit card data along with several required fields for merchant initiated transactions (MITs) to Zuora through Direct POST. See Direct POST Form Fields for Payment Pages 2.0 for a full list of fields for 3DS2.
Specific to the Stripe gateway:
- The
field_mitNetworkTransactionId
field corresponds tonetwork_transaction_id
you get from Stripe. - The
field_mitGatewayToken1
corresponds tods_transaction_id
you get from Stripe. Ifds_transaction_id
is null, you can skip including this field.