Due to the forthcoming implementation of the EU Secure Customer Authentication regulations, we have made changes to our Consumer API to allow authentication of credit cards using 3DS2 when creating a booking.  We have also left the existing implementation in place to allow a period of time to make changes.  However, we strongly recommend you update your integration to prevent payments failing once the regulations are implemented


Implementation will begin on the 14 September 2019 but is dependent on the payment processors themselves.


Payment failure will not be universal for partners that fail to update to the new CreateBookingWithStripeToken process as 3DS2 will be randomly demanded for individual payments by individual payment processors causing errors in your booking widget. We expect that this random nature will produce a high level of customer dissatisfaction, confusion and thus support for all parties included in the process. Due to this we recommend immediate action.   


Where Card tokenization is processed the errors will be passed on to the ResDiary user when charging a card. This will mean lost revenue for our joint restaurant clients. Due to this we recommend immediate action. Any integration failing to update prior to 30.11.2019 will be considered an uncertified integration and thus will no longer be supported by ResDiary.   


To update your implementation you will need to update any calls to Create Booking With Stripe Token to use the new PaymentMethodId and PaymentIntentId properties in place of the previous StripeToken.  Complete details of how this should work are in the following updated booking flows:


No payment or credit card required

Client: Calls CreateBookingWithStripeToken as before

Server: Returns Success status and booking is made


- - - - -


Payment required without 3DS2

Client:  Calls CreateBookingWithStripeToken (as before)

Server: Returns PaymentRequired status

Client: Initialises Stripe using StripePublishableKey and StripeAccountId supplied in returned object

Client: Uses Stripe to generate a payment method

Client:  Calls CreateBookingWithStripeToken supplying PaymentMethodId returned from Stripe

Server: Returns Success status and booking is made


- - - - -


Payment required with 3DS2

Client: Calls CreateBookingWithStripeToken (as before)

Server: Returns PaymentRequired status

Client: Initialises Stripe using StripePublishableKey and StripeAccountId supplied in returned object

Client:  Uses Stripe to generate a payment method

Client: Calls CreateBookingWithStripeToken supplying PaymentMethodId returned from Stripe

Server: Returns StripeAuthenticationRequired status and PaymentIntentSecret

Client: Uses returned PaymentIntentSecret with Stripe to generate a payment intent

Client: Calls CreateBookingWithStripeToken supplying PaymentMethodId and PaymentIntentId returned from Stripe

Server: Returns Success status and booking is made


- - - - -


Credit card required with and without 3DS2

Client: Calls CreateBookingWithStripeToken (as before)

Server: Returns CreditCardRequired status and SetupIntentClientSecret

Client: Initialises Stripe using StripePublishableKey and StripeAccountId supplied in returned object

Client: Uses Stripe to generate a PaymentMethodId

Client: Calls CreateBookingWithStripeToken supplying PaymentMethodId returned from Stripe

Server: Returns Success status and booking is made



Further details on the SCA regulations and Stripe's implementation can be found at https://stripe.com/au/guides/strong-customer-authentication.


The ResDiary API and Development Support teams are committed to assisting you in updating as quickly as possible so feel free to contact us at support-api@resdiary.com with any questions.