New European regulation for online payments with Stripe

This in my box from PayPal today. So if you’re UK based, you might be ok… for now at least.

PayPal

Don’t get left behind when PSD2 goes live!

You’ll know that the EU’s second Payment Services Directive (PSD2) legislation comes in to force on 14 September 2019, which means credit and debit card providers across Europe will have to guarantee more secure card payments online using two-step verification, known as Strong Customer Authentication (SCA).

The UK financial regulator (FCA) has recently announced that they are allowing an 18 month implementation period for SCA for UK card issuers, with all firms to have completed this implementation by March 2021.

However, some non-UK customer payments may still be impacted straight away - so you will need to keep your systems up to date.

1 Like

If/when there is a Brexit, you might not have to worry about this at all if your customers are UK-based right? :rofl:

Hi,
Yes it’s the same good message for France and many others country, you can look up at this link:
https://support.stripe.com/questions/strong-customer-authentication-sca-enforcement-date
Thanks. Best regards.

Thanks for sharing, Seth.

Problem is, that banks can implement it anyhow. I can already see 10percent of payments failing last month, Vs 5 percent before because some credit card suppliers/banks already enforce it.
Those extensions are granted to the banks who messed up their smartphone apps, but no single country forbids the enforcement, hence once your bank is ready for ity they will enforce it because it saves them money and makes fraud charges much harder (hence saves them money for compensation)

1 Like

Hi,
You’re absolutely right that’s why we look forward to updating the Stripe API on s2Member.
Best regards. Brice.

well - 0 successful payments via Stripe today for me. 6 users failed trying to pay. So plainly speaking - it’s not working anymore (5x Germany, 1x Italy).

I’ve left the form active, but put a big warning banner advising people to pay via paypal instead (using paypal buttons).

I’m very sorry that I still haven’t posted a beta for this. I’ve been working non-stop on it.

Although it’s not the release yet, I know you’re -rightfully- eager for it and waiting, so I wanted to let you know where it stands with an update:

I almost had a beta this Friday, but hit a new bump with this old issue: https://github.com/wpsharks/s2member/issues/1052#issuecomment-294831137

With Jason’s approach, a subscription gets broken up into a direct charge for the first term, and a subscription with a trial period equivalent to that first term, so the first subscription payment is after the one that was charged directly first…

Although payments still went through, reporting had already started being complicated because of the “trialing” status. He had a good reason at the moment to do it that way, but it’s not functional anymore with the new SCA approach.

When requiring SCA, the direct payment and the subscription payments, both would need the authorization separately. So that has to go. I wasn’t planning to tackle that yet, but now it’s required.

I know you’re trusting me, and I wanted you to know that I am on it fully. The whole migration/upgrade has been quite complex, but I’ve sorted out most of it. I’m sorry for the delay and not having the beta yet. I’m so close… :pray:

2 Likes

Hi,
There was precisely a discrepancy between the number of recurrences entered in the s2Member Stripe shortcode and the number of recurrences actually taken into account by Stripe (always one recurrence too much compared to the shortcode).
So you will solve this problem at the same time as the SCA, which is a very good thing.
Thanks for the news, i hope this update coming soon!
Best regards. Brice.

1 Like

Thanks for your efforts Cristian.
I’m routing for you!
I’ll buy you a beer after all this is done!
Enda.

1 Like

Quick update:

:slight_smile:

3 Likes

Much appreciated. Thank you for the quick update!

1 Like

Awesome Job, well done sir.
Tip my hat to you!
Enda,

1 Like

well great for making progress in the support. However I had hoped for a revamped checkout UI at the same time. E.g. the address in the second step is horrible - it really needs to be moved to the first fields.

And the submit form is another thing that everyone I guess would love to see gone. It would be so much better if the user only has to confirm once - especially older people simply don’t manage to understand the checkout process and stop after confirming the Stripe Popup.

So either move everything to the front and auto confirm the form within the Stripe popup - or even better inline the stripe form.

This is really s2members weakest point (besides sometimes falsely ignoring Paypal API messages)

And best make both of this into a new version - e.g. s2member advanced - with a yearly subscription payment so you can make some money and users that way can feel more secure about s2member being continued…

1 Like

Yes, I plan to revamp the pro-form for the new s2Member Next that I’m working on. I started work on it, but while figuring out how the current pro-forms work, I noticed how to implement the new Stripe flow there quicker than getting the whole new rewrite ready.

The current one already works and has so many things going on behind the scenes, and in a pretty complex way, that it’d be easy to miss stuff or introduce problems. I’d prefer to not push a beta of the new forms together with the new SCA support if it’s not required.

About the double submit, I removed that. The old Stripe modal was an implementation of the previous Stripe Checkout to add the payment source to the customer on Stripe’s side, and then you needed to submit the pro-form.

I’ve now used Stripe Elements for the card details, and the customer only clicks the form submit button to get the thing going. If the card doesn’t need 3D Secure authorization, he won’t need to do anything else. The 3DS modal only shows up if it’s needed for that payment.

:slight_smile:

1 Like

Oh, and yes, I will change the license to a yearly subscription very soon. Current Pro users keep their lifetime access, but new ones will have to renew for updates in the future. I want to keep this very alive and make it prosper. :grinning:

1 Like

but if the submit on the Stripe popup makes the payment go through - the address if active needs to be moved forward… (where it should be anyhow).

And I think anyone will understand if the old lifetime licences do not apply anymore. Or make it bought within the last 2 years - old lifetime = 2 years from date of purchase, if older also new model.

Nah, they have what they bought. If lifetime, it’s lifetime. Some will be understanding and others not so. But if someone wants to subscribe to the new annual payments to support the project, that will be very welcome, of course. :slight_smile:

What do you mean with moving the address forward? I’m not sure I understand.

1 Like
  1. oh and sorry - I did not notice in your screenshot the credit card is now inline - that’s great. The popup for 3d secure is okay I guess - it’s usually not inline from what I have seen (and yeah of course the fewer users get the popup the better). I did not look properly and assumed that the 3d secure popup is also used to enter credit card details.

  2. (oh and it would be great if submit form text could be changed to Pay Now - it’s doable via plugins but then the cancel subscription button will also show the same text - so it would be great if there is a different label for the submit form for paying vs for cancelling a subscription - I don’t mind either of which is changed in name as long as they are different. Submit form is not legally usable in Germany or Austria as a payment confirmation - we need a clear message like Pay Now by law).

  3. Currently if you require an address the only way to do so is to set a bogus tax for a country you never have any buyers. Then s2member will pop up the address field AFTER the user entered the credit card info - this is super confusing and users sometimes don’t even see it.
    I tried moving the fields forward into the main form but it broke something.

Custom fields are not usable - as the address fields are standardised and need to be forwarded correctly to Stripe for Stripe Apps using them - so no sense in making a custom field called Street and so on.

So if address is enabled (actually a separate settings options would be better than the bogus tax country) - it should show up from the start…

Also address should have options what to show would be great. So country only (best preselected by IP using maxmind database or similar), country and zipcode - country and street - and so on depending on the legislation of where you are based. For me actually country and city would be enough - no need for street or zipcode (actually country alone selected based on IP would be enough already for Stripe as with stripe you can get credit card country from stripe, not for paypal though as paypal does not provide credit card country, but I don’t use paypal proform). For EU VATMOSS and Stripe, simple country field would be enough - because then you have IP, credit card country code, and user indicated country (preselection based on IP is fine). Not having the country is problematic for VAT if credit card country and IP don’t match - VATMOSS requires 3 independent factors - so the country is the 3rd - if all don’t match you just need to follow a clear system which one you chose.

  1. About lifetime - well that’s why you would need to rename it - to s2member advanced or similar. Quite a few lifetime products went that way. old pro will still work but simply not support SCA - hence useless. I think most people would understand that support cannot be free forever (I also have lifetime on my website, but I calculate that the average user only uses my services for 5-8 years - hence the price is about the same as 1 year then yearly subscription for 7 years. s2member however never had a yearly plus subscription price… - and yeah that’s my biggest fear for Thrivecart, I don’t like their lifetime payment either). But of course that is your choice…
1 Like

Hi,
Congratulations and thanks for these quick news that show your progress.
I had to completely eliminate the possibility of paying by Stripe because this systematically generated an error since the implementation of the SCA. So I lose some sales which is critical for my business.
So it is really urgent to update the API, the changes of forms can wait a little more because they do not serve anything as long as the API does not work.
As for the annual payment, I am ok but the price must be representative of the number of people working on the plugin and the speed of application of the next important updates.
Best Regards. Brice.

1 Like