Oct 13

Adding WeChatPay to Stripe

0 comments

 

 

WeChat Pay Payments with Sources Public Beta

 

Use Sources to accept payments using WeChat Pay, a popular payment method in China.

Stripe users can use Sources—a single integration path for creating payments using any supported method—to accept WeChat Pay payments from customers from China. Based on current use patterns and restrictions, WeChat Pay is most useful if you sell physical goods, or are in the travel industry.

 

Before you can use WeChat Pay, you must activate it in the Dashboard. Your use of WeChat Pay must be in accordance with WeChat Pay Terms of Service.

During the payment process, a Source object is created and you receive a WeChat Pay URL that is used to authorize the payment in the WeChat app by scanning a QR code. After completing this, your integration uses the source to make a charge request and complete the payment.

 

WeChat Pay is a push-based, single-use and synchronous method of payment. This means that once your customer takes action to authorize the charge there is immediate confirmation about the success or failure of a payment.

 

Step 1: Create a Source object

A Source object is either created client-side using Stripe.js or server-side using the Source creation endpoint, with the following parameters:

PARAMETERVALUEtypewechatamountA positive integer in the smallest currency unit representing the amount to charge the customer (e.g., 1099 for a $10.99 payment).currencyThe currency of the payment. Must be the default currency for your country. Can be aud, cad, eur, gbp, hkd, jpy, sgd, or usd.statement_descriptor optionalA custom statement descriptor for the payment.

To create a source with Stripe.js, first include the library within your website and set your publishable API key. Once included, use the following createSource method to create a source client-side:

stripe.createSource({
  type: 'wechat',
  amount: 1099,
  currency: 'usd',
}).then(function(result) {
  // handle result.error or result.source
});

Using either method, Stripe returns a Source object containing the relevant details for the method of payment used. Information specific to WeChat is provided within the wechat subhash.

{
  "id": "src_18eYalAHEMiOZZp1l9ZTjSU0",
  "object": "source",
  "amount": 1099,
  "client_secret": "src_client_secret_UfwvW2WHpZ0s3QEn9g5x7waU",
  "created": 1445277809,
  "currency": "usd",
  "flow": "none",
  "livemode": true,
  "metadata": {},

See all 27 lines

Optional: Provide a custom statement descriptor

WeChat Pay can accept a statement descriptor before the customer is redirected to authorise the payment. By default, your Stripe account’s statement descriptor is used (you can review this in the Dashboard). You can provide a custom descriptor by specifying statement_descriptor when creating a source. WeChat statement descriptors support a maximum of 32 characters.

stripe.createSource({
  type: 'wechat',
  amount: 1099,
  currency: 'usd',
  statement_descriptor: 'ORDER AT11990',
  owner: {
    name: 'Jenny Rosen',
  },
}).then(function(result) {
  // handle result.error or result.source
});

Providing a custom statement descriptor within a subsequent charge request has no effect.

Error codes

Source creation for WeChat Pay payments may return any of the following errors:

ERRORDESCRIPTIONpayment_method_not_availableThe payment method is currently not available. You should invite your customer to fallback to another payment method to proceed.processing_errorAn unexpected error occurred preventing us from creating the source. The source creation should be retried.

 

Step 2: Have the customer authorise the payment

When creating a source, its status is initially set to pending and cannot yet be used to make a charge request. Your customer must authorise a WeChat Pay payment to make the source chargeable.

To do so, you will need to show the customer a QR code created from the URL provided within wechat[qr_code_url].

After the authorisation process, if the customer has authorised the payment, the Source object’s status will transition to chargeable; it is then ready to be used in a charge request. If your customer declines the payment, the status will transition to failed.

Testing

For sources created in test mode, the wechat[qr_code_url] can be scanned using any QR Code scanning application rather than WeChat. The URL leads to a Stripe page that displays information about the API request, and where you can either authorise or cancel the payment.

 

Step 3: Charge the Source

USING WEBHOOKS

Your integration must use webhooks in order for you to receive notifications of status changes on Source and Charge objects.

Once the customer has authorised the payment, the source’s status transitions to chargeable and it can be used to make a charge request. This transition happens asynchronously.

Some customers using WeChat Pay will assume that the order process is complete once they have authorised the payment and received confirmation on WeChat Pay’s app. It is essential that your integration rely on webhooks to determine when the source becomes chargeable in order to create a charge. See our best practices for more details on how to best integrate payment methods using webhooks.

 

Webhooks

The following webhook events are sent to notify you about changes to the source’s status:

EVENTDESCRIPTIONsource.chargeableA Source object becomes chargeable after a customer has authorized and verified a payment.source.failedA Source object failed to become chargeable as your customer declined to authorize the payment.source.canceledA Source object expired and cannot be used to create a charge.

Make a charge request using the source

Once the source is chargeable, from your source.chargeable webhook handler, you can make a charge request using the source ID as the value for the source parameter to complete the payment.

curl Ruby Python PHP Java Node Go .NET

curl https://api.stripe.com/v1/charges \
  -u sk_test_g1Atljb9ucApZ9tvXuav0Ieg00XYgVawH3: \
  -d amount=1099 \
  -d currency=usd \
  -d source=src_18eYalAHEMiOZZp1l9ZTjSU0

WeChat Pay Sources are single-use and cannot be used for recurring or additional payments. See Sources & Customers for more information on how single-use Sources interact with Customers.

 

Step 4: Confirm that the charge has succeeded

Since WeChat Pay is a synchronous payment method and the customer has already authorised the payment using the WeChat application, unless there is an unexpected error, the Charge will immediately succeed.

You receive the following webhook event when the charge succeeds:

EVENTDESCRIPTIONcharge.succeededThe charge succeeded and the payment is complete.

We recommend that you rely on the charge.succeeded webhook event to notify your customer that the payment process has been completed and their order is confirmed. See best practices for more details on how to best integrate payment methods using webhooks.

 

Disputed payments

If a customer’s WeChat Pay account is used illicitly, WeChat Pay and Stripe handle the issue internally. In the context of WeChat Pay, payments are only disputed if the customer has a complaint about the provided goods or service. Should a dispute occur, a dispute.created webhook event is sent, and Stripe deducts the amount of the dispute from your Stripe balance.

 

Refunds

Payments made with WeChat Pay can only be submitted for refund within 180 days from the date of the original charge. After 180 days, it is no longer possible to refund the charge.

 

Sources expiration

A WeChat Pay source must be charged within six hours of becoming chargeable, or before 23:45 China Standard Time (GMT+8) due to Chinese government restrictions around settlement. If it is not, its status is automatically transitioned to cancelled and your integration receives a source.canceled webhook event. Once a chargeable source is cancelled, the customer’s authorised WeChat Pay payment is refunded automatically—no money is moved into your account. For this reason, make sure the order is cancelled on your end and the customer is notified when you receive the source.canceled event.

Additionally, pending sources are cancelled after one hour if they are not used to authorise a payment, ensuring that all sources eventually transition out of their pending state to the cancelled state if they are not used.

New Posts
  • CNY-USD | AML and KYC Payments processing. We are being told that USA and China are in a trade war, but in reality, there is a fundamentally close cooperation between the infrastructure networks, which operate in one accord. In fact, our USA-China payments processor, works strictly in accordance with USA law and vice versa. I am very happy to see this inter-connectivity at play between USA and China. Highlights from our training for on-boarding USA businesses into Chinese payments platform: Notable is that the global standardisation and systematisation of Anti-Money Laundering and Know Your Customer Rules, the connectivity of money laundering crime databases, which are immediately accessible to the payments processor during an application process. This means that criminals will not be able to take a back door to access a means of money laundering, which protects all of us from recurring, organised crime. Logically, if there is no way to spend the proceeds of crime, there is much less incentive to steal in the first place. We love China and USA cooperation across AML and KYC rules, because this protects you, your business, your family and your friends.
  • This very entertaining movie will help you to understand why we need AML and KYC laws. https://m.youtube.com/watch?v=wuBRcfe4bSo I highly commend all our clients and business partners to watch the Steven Soderbergh movie 🎥 THE LAUNDROMAT featuring Merryl Streep. Based on the Mossack Fonseca - Panama Papers scandal - the incredibly deft narrative of this financial scandal movie simplifies the complexity of financial corruption, through a truly entertaining and innovative parody narrative lens. Merryl Streep could potentially earn awards for her incredible performance, which, as you will see, leaves with no question about her stance for anti corruption and American liberty. A timely and poignant moral warning tale. ⚠️ Very useful for education into global financial system and why we need to have anti money laundering and know your customer rules. Not suitable for children. https://www.netflix.com/title/80994011?s=i&trkid=13747225 https://en.m.wikipedia.org/wiki/Mossack_Fonseca
  • Cloudflare speeds up and protects millions of websites, APIs, SaaS services, and other properties connected to the Internet. Explanation by Diana Maltseva Cloudflare is one of the best DDoS mitigation solutions, enjoyed and appreciated by web developers. In December 2017, Forrester independent research firm named Cloudflare a leading tool for DDoS attack protection. Connect to Diana on Linkedin . Cloudflare enables to secure, optimize, and speed up any web properties (websites, SaaS services, APIs, and other Internet-connected properties) with no need in installing software or making code changes. Protected by Cloudflare , all web traffic is flown through an intelligent and safe global network. What’s more, the network becomes smarter with each new online service added and gets improved thanks to increased site performance, optimized traffic, and decreased spam level. Protection against the largest DDoS attacks with Anycast Cloudflare’s Anycast network capacity is 15 times bigger than the largest DDoS attack ever recorded. With 15 Tbps of capacity, it can easily handle and protect against modern and large DDoS attacks, involving those that target DNS infrastructure. Anycast works as follows: representing an addressing and routing tool, it enables inbound requests to be distributed to a plenty of locations. After other DDoS mitigation solutions filter out some of the attack traffic, Anycast allocates the remaining traffic across multiple data centers, preventing locations from being overwhelmed with thousands of requests. Anycast network allows to distribute attack traffic to the point where it can be easily managed. What’s important, by checking more than 300B request per day – 10% of the world’s HTTP Internet traffic – Cloudflare tool learns from attacks targeting customers on the network and prevents upcoming threats as a result. Cloudflare enables to block malicious bot abuse and prevent Today the frequency and sophistication of malicious bot abuse are increasing, therefore the number of impacted companies is also increasing, including their losses in clients, operational costs, revenues, and credibility. The targeted services require the resilience of a scalable network to fight against malicious bot abuse. By using Cloudflare, you can avert bots from excessive usage across web properties ( SaaS , APIs, websites, etc.) and protect businesses from damages. Anycast technology enables Cloudfare benefits to scale with every server that they add to their growing footprint of data centers. FREE VERSION: DDoS attack mitigation Global Content Delivery Network Support via email PRO VERSION: DDoS attack mitigation Global Content Delivery Network Support via email Enhanced security with Web Application Firewall (WAF) Image and mobile optimization BUSINESS: DDoS attack mitigation Global Content Delivery Network Support via email Enhanced security with Web Application Firewall (WAF) Image and mobile optimization 24x7x365 chat support 100% uptime SLA CNAME set-up compatibility Easy PCI compliance Use your own SSL certificate ENTERPRISE: DDoS attack mitigation Global Content Delivery Network Support via email Enhanced security with Web Application Firewall (WAF) Image and mobile optimization 24x7x365 chat support 100% uptime SLA CNAME set-up compatibility Easy PCI compliance Use your own SSL certificate Bot Management 24x7x365 phone support Named solutions engineer support 25x reimbursement uptime SLA Role-based account access Raw log information Unlimited custom rulesets for WAF Ability to add TCP/UDP traffic protection (Spectrum) https://www.cloudflare.com/
Subscribe to Site