Stop saving new cards to sources. Use the PaymentMethods API instead

[allendav]

Stripe recommends using the PaymentsMethods API instead of sources and tokens. See https://stripe.com/docs/payments/payment-methods/transitioning

For example, this code is no longer recommended: https://github.com/woocommerce/woocommerce-gateway-stripe/blob/012483bdb6e4f258aeeceaac5b9db794abfbfc5f/includes/class-wc-stripe-customer.php#L240

Noteworthy: sources cannot support cards swiped with Stripe Terminal. Such payment methods will NOT appear in the my-account page for a customer and could confuse the end user, provided it otherwise works correctly (it may not.)

Use cases to update:

• [ ] Save credit card
• [ ] Save SEPA debit IBAN
• [ ] Make Default payment method
• [ ] Delete Payment Method

[DanReyLop]

It was considered as part of the initial SCA efforts, but it was deemed too big of a change. For now, using Sources works in every case, thanks to the Sources <-> Payment Methods compatibility: https://stripe.com/docs/payments/payment-methods/transitioning#compatibility

The only caveat is that, if an API endpoint expects a payment_method parameter, you can send a Source ID instead, BUT you must also send a customer parameter.

[v18]

Noteworthy: sources cannot support cards swiped with Stripe Terminal. Such payment methods will NOT appear in the my-account page for a customer and could confuse the end user, provided it otherwise works correctly (it may not.)

@allendav you mean to say that any payment methods (credit cards, etc) saved to a customer's account via the website are using sources. And sources will not show up in the terminal. This means any cards saved on the website won't be able to be using in POS. Are there any other customer gaps with credit cards that will show for the user using the app?

[allendav]

Any cards captured by a terminal will not appear under my-account until we stop using sources for that page

[v18]

@allendav ooh ok, got it. thanks!

[dechov]

@allendav I think we would still need to show existing Sources on that page indefinitely though – so the fix for that particular issue would just be to also support showing Payment Methods – is that right?

[allendav]

@dechov Yup - exactly - we'll want to show payment methods AND we will have to continue to show any legacy sources too

[dechov]

@allendav In that case it seems like a related but distinct issue from not generating new Sources. (Another symptom is described in https://github.com/woocommerce/woocommerce-gateway-stripe/issues/1102#issuecomment-706163289.) Just noting so it can be contained in its own smaller issue with its own priority, if necessary.

[tijosh]

Another side effect of saving new cards to sources is a webhook error:

Link to image: https://d.pr/i/MTMeNv

Response body is:

"The source you provided has already been attached to a customer."

Link to image: https://d.pr/i/y46dk7

[simplysaru]

A customer reached out to us while migrating to WooCommerce Subscriptions that they don't have src or card tokens as required for manually adding a subscription. The customer was informed by Stripe to use the pm tokens for processing as src and card have been deprecated. Are there any workarounds to using pm tokens or would this need to wait until this issue is resolved?

[dechov]

@simplysaru pm_ IDs can be manually attached to the subscription (relevant doc section here I believe) as of this change last year.

[voxtermen]

@dechov Hello! If I only have customer_id (stripe), can I renew woocommerce subscriptions?

[roux1max]

Hello everyone!

Thanks for the awesome work on this plugin. Just wanted to bring back this thread to life because we hit cases where credit card were refused using the Sources API.

I checked directly with Stripe before coming to you guys but they ensured me it was because the plugin didn't us the PaymentIntent API (thread with the plugin support : https://wordpress.org/support/topic/error-saving-cards-with-3ds-active/).

It happens whenever we want to save a credit card and for all credit cards issued by the french bank "La Banque Postale".

Hope that you can go on that direction, if needed I could land a hand for the development!

[mattallan]

Closing this.

Our Stripe extension implemented PaymentMethods API some time ago and as of v8.5.0 (PR https://github.com/woocommerce/woocommerce-gateway-stripe/pull/3249) all subscriptions that were still using src_ tokens are migrated to pm_ tokens