Web Payments SDK and cardholder name

Hello,

I have a question regarding credit card payment with the Web Payments SDK (Web Payments SDK).

I see that there is no cardholder name requested during the purchase, only card number, exp. date, CVV and postal code(zipcode)

Is it optional to have the cardholder name??

Because if it is not mandatory, then I will not ask for it or implement it?

Because I also see that there is a check that can be done in Javascript a verifyBuyer function!

Is this step strongly suggested? Note that I have customers in Canada, USA, France and other countries.

Thank you very much!
Pascal

:wave: I’m Square Dev AI, here to help answer your question!
Based on the information you’ve provided, the following documentation will help answer your question:

Additional Documentation

Take Payments Online
Collecting Information
Cards on File Requirements

If this documentation helped you find a solution, please check the box indicating that this reply solves the problem.
Otherwise one of our Developer Advocates will provide additional assistance shortly.

The cardholder name is not a required field when processing payments with Square’s Web Payments SDK. The essential details needed are the card number, expiration date, CVV, and postal code.

As for the verifyBuyer function, it is used to handle Strong Customer Authentication (SCA), which is a requirement for certain types of card payments in the European Economic Area (EEA). If a significant portion of your customers are from the EEA, it’s recommended to implement this function. However, even outside of the EEA, using verifyBuyer can add an extra layer of security to your payment process, as it helps to verify the identity of the buyer, reducing the risk of fraudulent transactions.

This answer was reviewed by @Bryan-Square.

Hello @Bryan-Square ,

Thanks for reviewing Square-Dev-AI’s answer. I have two more questions about this to see if I understand correctly.

1- if I read the documentation regarding verifyBuyer correctly, I must, on my side, create the form that asks for first name, last name, address, email, country, phone number, region, city?
and then add the informations in :

async function verifyBuyer(payments, token) {
        const verificationDetails = {
          amount: '1.00',
          billingContact: {
            addressLines: ['123 Main Street', 'Apartment 1'],
            familyName: 'Doe',
            givenName: 'John',
            email: '[email protected]',
            country: 'GB',
            phone: '3214563987',
            region: 'LND',
            city: 'London',
          },
          currencyCode: 'GBP',
          intent: 'CHARGE',
        };

Is that right?

2- If I activate verifyBuyer() for all users (all around the world)… Will a member from the USA or Canada for example have to enter the OTP? or it will not be asked because the user is not part of EEA ?

Thank you very much!
Have a nice day!

Yes, you will need to collect the relevant customer information on your form to pass to verifyBuyer. If you add this for all your customers then they be able to set risk rules in our Risk Manager. Based on the rules set will determine whether or not a customer is challenged. :slightly_smiling_face:

Hello @Bryan-Square ,

Thanks for your response !
I have another question regarding this topics and the Web Payment SDK. I’m going to ask the question here in this topic because it concerns the javascript code and the backend…

If I change the value of ‘intent’ in JavaScript from ‘CHARGE_AND_STORE’ to ‘CHARGE’ the payment not successfull with this error : The verification token provided is invalid.

Response of ERROR

array (size=1)
  0 => 
    object(Square\Models\Error)[75]
      private 'category' => string 'INVALID_REQUEST_ERROR' (length=21)
      private 'code' => string 'BAD_REQUEST' (length=11)
      private 'detail' => string 'The verification token provided is invalid.' (length=43)
      private 'field' => string 'verification_token' (length=18)

My code :

    const verificationDetails = {
          amount: '32.00',
          billingContact: {
            addressLines: ['123 Main Street', 'Apartment 1'],
            familyName: 'Doe',
            givenName: 'John',
            email: '[email protected]',
            country: 'GB',
            phone: '3214563987',
            region: 'LND',
            city: 'London',
          },
          currencyCode: 'CAD',
          intent: 'CHARGE', //intent: 'CHARGE_AND_STORE',
        };

Note that I use this form to create recurring subscriptions for my members.

Also, I do not want to keep the credit card information (card number, expiration date and CVV)

So that’s why I wanted to change the value of ‘intent’ from ‘CHARGE_AND_STORE’ to ‘CHARGE’

Because I saw a warning message that mentions this :

Important
Always ask customers for permission before saving their card information. For example, include a checkbox in your purchase flow that customers can select to specify that they want to save their card information for future purchases.

Linking cards on file without obtaining customer permission can result in your application being disabled without notice.

URL of this important message : https://developer.squareup.com/docs/cards-api/overview

So, I want to respect all the guidelines!

Is it OK to leave the value of ‘intent’ to ‘CHARGE_AND_STORE’ even if I don’t keep credit card information?? Or do I have to modify my code in my backend?

Thank you and have a great day!
Pascal

You won’t be keeping the card information. All that information is stored within Square which is PCI compliant. When saving a card on file we ask that you have the customer opt in when storing the card. If your going to do recurring payments you’ll want to use CHARGE_AND_STORE. :slightly_smiling_face:

Hello @Bryan-Square

Thanks for the explanation.
The only point I don’t understand is that in my case, it’s always subscriptions. I only sell subscription for every month (or every 3 months, or other 6 months)
so… it’s always monthly subscriptions… so the user knows in advance that it’s recurring every month, should I still offer him ?
Because if the user unchecks the checkbox that gives his consent, then what do I do?

if i understand correctly i can’t sell subscription if the user unchecks the checkbox…? or maybe there is something i don’t understand…

Thanks for your explanation

Pascal

While the documentation says you need a checkbox you can also just put a note that states something like: “By submitting payment you agree to {{COMPANY_NAME}} storing the card on file for future payments.” :slightly_smiling_face:

Hi @Bryan-Square,

Great and thank you so much!

Last question just to be sure… For future charges (other months like 2nd, 3rd, and other depending on the period chosen) on the credit card, is this managed automatically by SquareUp? I have nothing else to do ?

Thank you again for your very valuable help, it is always very very appreciated!

Have a nice day!

Your using the Subscriptions API right? If so then we will handle the billing according to the subscription. :slightly_smiling_face:

Thanks so much @Bryan-Square
Yes i’m using subscription :

$body = new \Square\Models\CreateSubscriptionRequest($locationId, $sandboxToken);

Thanks so much !
Have a great day !