Should I call verifyBuyer for off-session payments - square-connect

I'm integrating Square payment gateway into our system. And want it to support SCA.
In their dev docs it says that I should call verifyBuyer each time I want to charge CoF. Also, "If a challenge is required, Square automatically displays the challenge to the buyer". It's ok for on-session payments. But what about off-session payments, like cars rental service does - without customer online (automatically)?
In their dev docs it says nothing or I'm missing something.
Did anybody face with such case?

Our docs state:
Important
The SCA flow must not be initiated for a card on file transaction where the buyer is not present. In this scenario, do not call the verifyBuyer function. You can still charge the card but be prepared to handle the CARD_DECLINED_VERIFICATION_REQUIRED error.
Basically, don't call verifyBuyer, and don't pass a token to the payment endpoint. The payment could still technically fail, so you should build functionality to handle that.
https://developer.squareup.com/docs/payment-form/cookbook/verify-buyer-on-cof

Related

PayPal REST API not returning recurring payment information in laraval

I am working on Paypal webhook (subscription) section to insert recurring payment information into the database. I have done coding based on the link "https://jslim.net/blog/2018/01/22/PayPal-Rest-API-with-Laravel-5-and-Angular/" but Paypal webhook always return “payment_status: Pending” on sandbox image and its not inserting recurring payment information into the database (insert option added in PayPalController - function webhooksPaymentSaleCompleted ).
I think the problems related with routes/api.php file but I can't figure out what exactly is going wrong.
Another URL that I have referred and tried was "https://github.com/supermavster/PayPal-PHP-SDK"
Laravel version 5.8
paypal/rest-api-sdk-php: "^1.14"
Please suggest a feasible solution to this problem.
Thanks in advance.
Verify that the sandbox account's email is confirmed, by logging into the sandbox business account receiving the payment and navigating to: https://www.sandbox.paypal.com/businessprofile/settings/email
Resend the confirmation message. Open the message via https://developer.paypal.com/developer/notifications/ , and confirm the sandbox email.
The v1 PayPal-PHP-SDK is deprecated and there is no reason to be using it for a new integration. Use the v2 Checkout-PHP-SDK for payments.
You'll need two routes on your server, one for 'Set Up Transaction' and one for 'Capture Transaction', documented here; https://developer.paypal.com/docs/checkout/reference/server-integration/
The best approval flow to pair it with is https://developer.paypal.com/demo/checkout/#/pattern/server

How to verify credit card and post a sale in a single API transaction?

edit:
tl;dr: you can't.
You have to create a payment method in order to verify it. Creating a sale does NOT invoke verification, even if verification is enabled globally.
original:
I'm reading about credit card verification, which apparently isn't done automatically during Braintree_Transaction::sale(), but I don't see any options to enable verification on calling sale().
Do I really have to implement (at least) two separate API transactions just to verify a credit card?
Ideally I would like to use a single call to ::sale() to perform validation, authorization, and capture.
I have already enabled verification through my control panel, and I'm using test credit card number 4000111111111115 which, is supposed to be declined, but i'm getting successful transactions with it.
Do I have to create a payment method separately in order to perform validation, even if I have global validation enabled?
Full disclosure: I work at Braintree. If you have any further questions, feel free to contact support.
To test card verification results, please adjust the amount of your transaction. Because these cards are not linked to real accounts, Braintree cannot make the small authorization charges that are made in production, and instead the API must rely on the amount of the test transaction to dictate the expected response.
In a Production environment, Card verification is triggered by the creation of payment methods, not by transactions. To enable verification, either enable it across all payment methods, or add the verifyCard option to your PaymentMethod::Create call. The response to PaymentMethod::Create in either of these cases will contain a creditCardVerification object if the verification fails for any reason, allowing you to stop the transaction before sale is called.

How do I trigger a webhook for transaction settlement in sandbox?

I am trying to create a new webhook endpoint for my braintree integration. I added an endpoint to the Control Panel. I am using the Python library and created a a bunch of transactions. Also, I manually settled the transaction using the testing gateway. But I do not get a webhook notification. When is the webhook triggered and I=is there a way to trigger it manually?
Full disclosure: I work at Braintree. If you have any further questions, feel free to contact support.
The Transaction -> Disbursed webhook fires when the transaction has settled, and braintree has begun to move funds from their account to yours. While settling the transaction manually in the control panel would start the process, it does not fire the webhook right away.
There isn't any way to trigger this manually, instead braintree has sample payloads and a way to trigger a "Check" webhook in the control panel.
To answer the question in your comment, this type of webhook does not cover voided transactions.
I also asked a similar question to Braintree support, and the answer may be useful for others, even if I decided to go with Stripe (I found stripe much better after all my tests ;).
Question
Hi,
Just integrating Braintree, but can’t find how I’m supposed to get a transaction confirmation (meaning it has correctly been ‘charged’). When I create a ‘transaction.sale’ (including submitForSettlement) I always get (sandbox) a response indicating the status ‘Submitted for settlement’, and the transaction doesn't go to settled until Braintree globally process it (at night, etc.). I also can’t find a related webhook to get payment confirmation (as I currently get using PayPal - IPN).
When/how can I get a payment confirmation so I can then ‘deliver’ the purchased item? By checking your docs, it’s like you can’t get a confirmation until the next day… how does it work exactly?
Thank you!
Answer
Hi Nacho,
Thanks for reaching out!
A Braintree transaction goes through several steps, the second of which is submitted for settlement. This means that the money has begun to move from the customers account, and is the immediate state of a transaction after being submitted; it's not possible to get an immediate 'settled' or 'complete' status on submission. Transactions in this state will generally move to settling, then settled, within 24 hours, although it can depend on your processing bank.
It is very unusual for a transaction to fail when moving from submitted for settlement to settled, as the amount will have been authorised prior to submission for settlement. Authorising a transaction means the funds are put on hold within the customers account, for a certain timeframe depending on payment method, until they are settled. We get an immediate response from the processing bank as to whether an authorisation is successful, which you'll see in the Braintree_Transaction response object.
As such, you can generally rely on the status of submitted for settlement to reflect a valid, successful transaction.
We don't offer webhooks for transactions - instead, our API is designed to give instant feedback via the response object. Because of this, we only provide webhooks for asynchronous events that aren't triggered by an API call (such as billing a subscription or disbursing funds). We encourage our customers to avail of our API responses, in addition to our reporting system and comprehensive search call options, for any extra functionality they require.
If you wanted to pull updated statuses for transactions, such as to confirm a payment has settled, you could use the Transaction.find() API request, pass in the transaction ID and read in the status from the response object. This could easily be run as a script that iterates through the previous days transaction IDs and updates the status of each on a daily basis.
I hope this explains the transaction process with more clarity and offers you some options!
Kind regards,
Braintree
Just in case it helps!
I also asked kind of the same question to Braintree I got the same answer to check the transaction with Transaction::find() and then asked about the possibility of having a transaction not settled after having a SUBMITTED_FOR_SETTLEMENT status, here is the response, very clear and complete:
Hi Alban,
Thanks for reaching out with this question! Happy to help.
Settlement Declined:
In rare cases, a transaction that has been submitted for settlement will reach a status of settlement declined. For sales, this will only occur with a PayPal transaction. For refunds, this can occur with both PayPal and credit card transactions.
This occurs if the processor declined to settle the sale or refund request, and the result is unsuccessful. This can happen for a number of reasons, but the processor settlement response code may have more information about why the transaction was declined. Again, this status is rare, and only certain types of transactions can be affected.
PayPal sale: We recommend checking the settlement status of all PayPal sale transactions before shipping goods or providing services to customers. To reduce these types of declines, submit your PayPal transactions for settlement either upon creation or within 3 days of creation.
PayPal refund: We recommend contacting PayPal for details on refunds that are Settlement Declined.
Credit card refund: Settlement declines can be hard or soft, just as with authorizations. In regions that support an immediate decline response for refunds, we will return Settlement Declined if the processor responds with a hard decline.
Settlement Pending:
This status indicates that the transaction has not yet fully settled. This status is rare, and it does not always indicate a problem with settlement. Only certain types of transactions can be affected.
--> PayPal sale:
If using multiple partial settlements: Settlement Pending is a normal part of the transaction flow. The parent authorization will remain in this status until all child transactions are settled or the authorization expires. See the multiple partial settlement reference for more details.
If not using multiple partial settlements: Almost all Settlement Pending PayPal transactions will settle without intervention, so we always return a successful result. In general, you can expect these to be updated to Settled within a few days as we confirm their status with PayPal. In the rare case we can't settle a Settlement Pendingtransaction, we'll contact you to resolve the issue.
--> Credit card, Android Pay, and Apple Pay sales: You will only see Settlement Pendingauthorizations if you have contacted us to enable a specific API feature that uses this status.
I hope that provides insight, Alban! Let us know if further questions arise.
Best,
xxxxx.
Braintree

Why would a Subscription have no Payment Method Token, and how can I map it to a Customer?

I'm trying to retrieve the customer who created a subscription via its payment_method_token, as described by Braintree developer agf. However, one of my subscriptions has no Payment Method Token. The field comes back as null from the API, and shows up as a blank space in the dashboard:
The docs offer no suggestion that this field could ever be empty. What can cause this to occur, and how can I find out which customer this subscription is associated with?
Full disclosure: I work at Braintree. If you have any further questions, feel free to contact support.
If a payment method is deleted and it has subscriptions connected to it, then the subscription will be canceled, the token will be disassociated from the subscription and you will see this in the control panel.
If there are transactions associated with the subscription, you can get customer information from the transaction objects. In this case, it seems like the subscription never created a transaction before it was deleted so unfortunately you won't be able to trace that back to a customer.

How to void authorized transaction in authorize.net gateway using ActiveMerchant

Goal: Only have successful purchases show up on a customer's billing statement. I don't want declined authorizations showing up on their billing statement (as seen in an online banking system) as pending. A customer often will accidentally input an incorrect billing address, for example, followed by a correct one. Together, the two attempts, one successful and one not both show up on their billing statement as pending prior to settlement. This can scare the customer as it looks potentially like they will be charged twice.
Details: When I do an AUTH_CAPTURE (via ActiveMerchant's purchase) or an AUTH (via ActiveMerchant's authorize) which is declined and subsequently want to void that authorization (via ActiveMerchant's void) so as not to have it appear on a customer's billing statement as pending (even though it will settle out after a few days), the gateway can't find the transaction to void using the authorization code returned from the authorization or capture method calls on the gateway.
This is specific to the authorize.net AIM gateway.
Please advise.
Thanks!
If I understand your question correctly, I'm not sure there is a way to do what you want.
This is a limitation of the gateway / merchant account system.
I just stayed at a hotel this past weekend, and when I checked in I was warned that an 'authorization charge' would appear on my card and then go away. The hotel situation is similar to what you are dealing with, and I don't think there is a way around it. Gas stations do it, restaurants, hotels, etc.
It's so common that I wouldn't worry about customers being alarmed. You might put a statement on your payment form saying something about an authorization charge - I've done that in the past on projects.
And for the auth.net specifics - I'm pretty sure you cannot void an auth, thus the error you are getting. The auth code returned is used later on to capture the amount, if needed.

Resources