Review Stripe Integration for SCA


Overview

Khaos Control has been updated to meet Stripe's Strong Customer Authentication (SCA) requirements. The Strong Customer Authentication (SCA) rule came into effect as at 14 September 2019 as part of PSD2 regulation in Europe. It requires changes to how European customers authenticate online payments. Card payments require a different user experience, namely 3D Secure, in order to meet SCA requirements. Transactions that don't follow the new authentication guidelines may be declined by customers' banks.

Configuration

Create a New Credit Card Integration

Steps for setting up credit card integration in Khaos Control.

  1. Open a System Data screen (show me how).
  2. Open [ Accounts | Card Integration Accounts ].
  3. Press Alt+E or click the green triangle icon is the buttonbar's EDIT button to enter edit mode.
  4. Press F3 or click the NEW ITEM button has an icon that shows two sheets of paper (identified by having the top right corner folded down), arranged diagonally on the icon from top left to bottom right to add a new item.
    1. The Account number is automatically set by the system and must not be the same as any cards setup in [ System Operations | Edit Credit Card Integration Settings ].
    2. Enter the name for your card integration, e.g. Stripe in the Name column.
    3. In the Integration Type, F4 and select Stripe from the list, then click OK.
    4. Tick the Token Swap checkbox.
    5. The Copy PreAuth to following payments checkbox should be unticked for any Stripe accounts, as pre-authorisations only last for 24 hours through Stripe.
    6. In the PreAuth full order value checkbox should be unticked for any Stripe accounts, as pre-authorisations only last for 24 hours through Stripe.
  5. Press Ctrl+S or click the disk icon is the button bar's SAVE button to save.
  6. Focus on the new line, right click and select Configure from the options.
  7. In the [ Integration Options ] dialog:
    1. Tick the Testing checkbox if the account is being used for testing the integration.
    2. Open your Stripe Dashboard Stripe Dashboard.
      1. Go to the Developers area.
      2. Open the API Keys area. Here you will find the Publishable Key and Secret Key to input into the [ Integration Options ] dialog.
    3. Enter the Publishable API Key as provided by Stripe.
    4. Enter the Secret API Key as provided by Stripe.
  8. Click OK.
  9. Close the Card Integration Accounts screen.

Note: KC assumes transactions will primarily be MOTO (Mail Order / Telephone Orders), customers will need to contact Stripe to have MOTO payments enabled on their account. See Enabling MOTO Payments in Stripe below for more details.

Link Stripe to a Stripe Bank Account in Khaos Control

  1. Create a new Stripe bank if required.
  2. For both new and existing Stripe bank accounts:
    1. Open [ System Data | Bank Accounts ] and ensure that the 'CT Account' field is set to the Account No. of the Stripe account previously setup.
  3. Press Ctrl+S or click the disk icon is the button bar's SAVE button to save.

Enabling MOTO Payments in Stripe

Check whether MOTO payments are enabled on your account. To do this:

  1. Sign into your Stripe account and navigating to Payments for MOTO.
  2. If this shows 'Page Not Found', then MOTO payments are currently disabled and will need enabling by following the steps below:
    1. Ensure the account has a verified mobile number Phone Verification for Cards.
    2. Enable the integration settings as before, accepting responsibility for direct handling of card details Integration Settings.
    3. Contact Stripe and ask them to enable MOTO for your account will open a webchat. They may ask additional security questions.

Stripe Dashboard

For testing payments you'll find several cards, with the various response types expected at Stripe Testing. Stripe provides the relevant test keys; you can set these as your secret and publishable keys to test responses using these cards.

By logging in to the Stripe Dashboard you will be able to see how payments interact with Stripe. The logs and events in the 'Developers' section are useful when testing.

Useful Links

Usage

Token Swap

To see how Token Swap works:

  1. Create n new sales order, see How To: Create a New Sales Order.
  2. Move to the [ Sales Orders | Payment ] tab.
  3. Create a payment.
    1. The first field should be populated with the name of your bank account, and the payment type should be 'card'.
    2. n the menu to the right, click 'new' to create a new card for this customer account.
    3. Enter card details for the customer.
  4. Press Ctrl+S or click the disk icon is the button bar's SAVE button to save the Sales Order
  5. If token swap has been successful, you will see the following:
    1. The payment will now show 'Token' with a green tick and all but the last four digits of the card number will be obscured.
    2. In the stripe dashboard under [Customers] there will be a new customer with a name matching the KC customer you were working with (the name as shown on the billing address).
      1. Click on the newly created customer in the stripe dashboard and you will see a payment method listed against them that matches the card you entered details for (in brand and last four digits).
        • Expand details for the payment method and you will see a field 'Set up for future use' that has been populated with an id number. This means that the payment method has been set up for multiple future transactions.
      2. Follow the same steps above with a new SO for the same customer with a different card. See that the new payment method created in the stripe dashboard, has been associated to the same Stripe customer.
      3. Repeat the same steps again with a new SO for *a different* customer and any card. See that the new payment method created in the stripe dashboard has been associated with a new customer.

Note: Stripe associates payment methods for customers and technically it is the billing address on the card that allows payment methods to match, not the customer account. It will only match two payment methods to the same customer, if the billing address includes an e-mail address.

Authorisation

  1. To authorise a payment, right-click on a transaction in the Payments tab of the Sales Order and select 'Authorise Transaction'.
  2. A payment will appear in the Stripe dashboard under [ Payments | All payments ] for the appropriate customer and will be marked as 'succeeded'.

Preauthorisation

  1. In Khaos Control:
    1. Open the Sales Order with an un-authorised transaction.
    2. Go to the [ Sales Order | Details | Payment ] tab.
    3. In the the upper Payment Grid, right click on the transaction.
    4. Select 'Pre-Authorise Transaction'.
  2. In the Stripe dashboard:
    • In [ Payments | All payments ] a pre-authorised transaction will appear for the appropriate customer and is marked as 'Incomplete'


Note: Transactions which have been preauthorised in this way must be fully authorised within 24 hours.

Rejecting a Pre-authorised transaction

If a transaction has been pre-authorised, but not yet authorised; the pre-authorisation can be reversed.

  1. In Khaos Control:
    1. Open the Sales Order with an un-authorised transaction.
    2. Go to the [ Sales Order | Details | Payment ] tab.
    3. In the the upper Payment Grid, right click on the transaction.
    4. Select 'view payment details'.
    5. In the popup select 'reject authorisation'.

On the Stripe dashboard the payment's status for this transaction will change to 'cancelled'

Processing Refunds

  1. Open a Customer screen (show me how).
  2. Find and load the Customer that has the sales order with the successfully authorised a Stripe transaction.
  3. Open the [ Customer | Detail | Statement ] screen.
  4. Focus on the credit note in the Statement Transactions grid.
  5. Right-click and from the Context menu select [Refund - Refund Credit Note or Payment (automatic)].
  6. In the Refunds Dialog:
    • Tick the 'refund?' checkbox.
    • Check the amounts to be refunded and the bank are correct.
      Note: To process part of a payment, specify the value for the refund
    • Click OK.

Notes

  • In the Stripe Dashboard the payment will be marked as 'refunded' if a full refund has been carried out.
  • On the stripe dashboard, if doing a partial refund, the payment will be marked as partially refunded. You should be able to click for details and see that the correct amount has been refunded.
  • For partial refunds, you can return to your partially refunded transaction in the [ Customer | Detail | Statement ] screen and again issue an automatic refund, this time for the full remaining amount. On the Stripe dashboard, the payment will now be updated to being fully refunded.


See Also


Did you find this article helpful?