New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Urgent! S2member is not passing CVC checks to Stripe! #535
Comments
Just as a follow-up, my business partner has moved payments back to PayPal for the time being (so the page I linked won't have a stripe form on it - I can set up another page if that would be helpful). Stripe was converting way better for us, but obviously a lot of those gains were mitigated by the declines/canceled memberships. We'd still love to use Stripe, but we're putting it on hold for the time being. Thanks for your help. |
Hello, the declines continue on, and I was just wondering if there was any progress on this end? Here's an example of what Stripe passes along to us, where you can see that the CVC and ZIP are coming through as "null" even though they are required fields when you actually try to check out on our site: XXX's are for privacy. object: "card" |
@james282 Thank you for the report! We have been investigating this over the past few days. I am going to send an email to Stripe tech. support and see if they can help us clarify this a bit further. I'll update this issue once we know more.
I believe that you may have been misinformed. Or, perhaps there was some confusion about which integration method that s2Member Pro uses. s2Member's integration with Stripe is via "Stripe Checkout (Custom)". This opens a popup/overlay and Stripe collects the CVC. What s2Member gets back is a Card/Source Token that represents the data Stripe collects from the customer. From my experience, and as I understand the API docs, there is no reason for s2Member to collect and/or pass a CVC to Stripe; i.e., Stripe has already collected this. We simply reference what Stripe has collected via the Source Token. There is a Of course, Stripe will have a more informed response, so I'll wait for their confirmation before we proceed here with any changes that may or may not be necessary. |
@james282 I see that your site is offline at the moment: dailyfantasysportsrankings.com Can you post a screenshot of the Stripe checkout form where you are entering the credit card details please? I'd like to confirm that we are on the same page when it comes to the integration method that is being used. |
Stripe support request opened. Awaiting response.
|
Thanks so much for getting back to me. My site is having problems with another plug-in at the moment - sorry about that. The stripe form is located at: dailyfantasysportsrankings.com/membership. I just received another email of my own from Stripe support saying that the CVCs are still not going through, in spite of me requiring them to accept payment on Stripe's end. It's bizarre, because some cards give a "CVC Check: Passed" feedback, and some don't say there's any record of a CVC at all. Thanks. |
Reply from Stripe:
So I'm not seeing that we need to change anything in the Stripe integration. I don't see a bug here at all actually. |
So we're getting conflicting reports from the various employees of Stripe. On Tue, Apr 14, 2015 at 6:34 AM, JasWSInc notifications@github.com wrote:
Summer Camp Revolution |
@jaswsinc I am developing a site or a client at http://naturalbusinesstools.com and I am also seeing certain cards return "card_declined" when submitting them via s2. It might be a slightly separate issue but when I enter a card into the stripe overlay it accepts is with a green tick but when I submit via the s2 'submit' button it says 'card declined'. Strangely I can't determine what cards go through and just to make it even more confusing I had a card decline the other day and then work today.. so not really sure whats going on. Obviously this is a major issue for the client. |
I'm reopening this issue after @lukeallen1986's new report (#623):
@jaswsinc Any ideas here? |
Thanks @raamdev. Yeah I am still struggling to work out whats happening i'm testing it in every browser and with different accounts but all same result. |
Thank you. I'm investigating this also. |
Not sure if this is of any help but when I attempt to process a transaction even if its declines it still records all the user information in Stripe, however in the logs it say: "pending http://naturalbusinesstools.com/?s2member_pro_stripe_notify=1" when referring to the web hook but I checked and both my web hook in stripe and s2 match |
Hey @jaswsinc has there been any progress on this? I tried another card to day and received card_declined. This was with a separate bank this time. Could it be that we are not checking cvc or address/postcode that the card fails? |
Ok @jaswsinc and @raamdev there has been a development. I have tried 4 separate personal credit cards [friends and families] and they all worked perfectly. Then I tried a couple of business credit/debit cards and they all failed.... So it looks like s2 or stripe is failing Business card transactions... is this a known problem? |
As this seems a little off topic now I created a new issue - #629. |
Interesting. In terms of the processing API, there is no distinction that I am aware of at all. I have been unable to reproduce that scenario so far. Tried two different company cards and they go through just fine. Do you have s2Member's logging routines enabled? If so, please send those privately and I'll review them with you. Use: http://wsharks.com/1GrOWND The log files will show us the API communication, or lack of, and perhaps that will shed light. See: Dashboard → s2Member → Log Files (Debug) |
Thanks for getting back to me. Wow thats even more interesting! I had logs turned off as it was live but i've switched them back to on now and i will try a few of the cards and then send you the logs. |
Someone made this comment previously and I just wanted to point out that this is to be expected. See what Stripe said to me in a conversation I had with them about this. The CVC check and any failure that should occur because of the CVC status--all of that is handled by Stripe in the overlay before it comes to s2Member. To control this behavior, you will need to adjust the settings in your Stripe account. See: Stripe Dashboard → Account Settings → General @lukeallen1986 Would you mind posting a screenshot of this panel in your Stripe Dashboard for us? I'd just like to confirm that we are attempting to reproduce with the same configuration. |
Yes, that is puzzling. I haven't been able to reproduce this yet, but I will keep looking. Hopefully the log files that @lukeallen1986 sends us will shed light on this. |
Ok I have emailed you the logs. I just tried one card as I didn't want to keep you waiting but can get more if you need me to. |
@lukeallen1986 Details received. Thank you. Taking a look now. |
@lukeallen1986 So I reproduced this behavior on your site, and I traced it back to a card update that takes place within s2Member. Upon final submission, s2Member adds the customer's The Armed with the knowledge of which Stripe API call resulted in a Short-Term WorkaroundFind this line of code in your copy of s2Member Pro: https://github.com/websharks/s2member-pro/blob/000000-dev/s2member-pro/includes/classes/gateways/stripe/stripe-utilities.inc.php#L166 Change: $source->save(); To: // $source->save(); That will prevent the additional update from taking place. It's only there for tax reporting purposes anyway, and that should resolve the issue in the short-term until we can get to the bottom of this. |
Referencing unexpected API response failure from Stripe in their PHP SDK:
|
Request for assistance sent to Stripe:
|
Next Release Changelog:
|
Giving this a |
Next Release Changelog:
|
Hi @jaswsinc I just saw all your messages. When I get a free moment tonight I will go through them all and get back to you asap. |
Hey @jaswsinc I made the change to comment out // $source->save(); and that appears to have worked :-) So that will definitely be an acceptable workaround for now. Thanks so much for helping with this and I have also email Stripe so I will update you if they tell me anything about this bug. |
Stripe support replies...
So this tells me that s2Member should expect to receive a decline upon updating the extended billing information, but that when/if this occurs we should only log the error, not fail entirely. That's what the latest release does now that we applied the workaround, so I think it's safe to close this issue now. We have done all we can do. I don't see this being an issue in s2Member v150722 or higher moving forward. |
@lukeallen1986 Thanks for reporting back on this. Much appreciated. |
The latest release of s2Member v150722+ closes this issue. This issue will now be locked to further updates. If you have something to add related to this GitHub Issue, please open a new GitHub Issue and reference this one. Thanks! :-) |
Hello!
Recently, we've been struggling with a TON of declines with integrating stripe with s2member. After a bunch of back and forth with Stripe, we learned that part of the issue is the prepaid cards (and I see that's being worked on - thanks!), but that there was a bigger issue at play as well.
From their support:
"I've looked into the payments on your account and it appears that you're not actually passing the CVC code from your customers through the Stripe API when creating your charges, which is likely a big reason for all the declines you've been receiving!
I'd recommend getting in contact with your developer and making sure that your card creation requests are properly passing in the CVC you collect from your customers in Stripe Checkout, as currently the value is being passed as "null"."
My website is dailyfantasysportsrankings.com. The sign-up page is /membership.
This has cost us a couple thousand dollars already, and I'd be happy to pay some amount of money to get this fix expedited, if at all possible. Or, it could just be some silly user error on my end, but I've dug around as much as I can before posting this.
Thanks!
The text was updated successfully, but these errors were encountered: