8

Let's say a customer is returning to pay for a subscription after some time of not using the service. Once card information from a customer is POSTed from the client browser, does stripe.customers.create identify the card that has been used before? In such case, does customer object id returned has the same id as the one customer had before? I am asking this question because I am not sure if I should relate one customer ID per a user in my DB or multiple customer IDs per a user.

sawa
  • 1,930
  • 3
  • 24
  • 33

3 Answers3

11

I can give you an example of how I manage the associations between users web site and customer of Stripe.

Within my own database I have a table for users registered to the site ("Users") and a table for customers stripe ("Stripe_Customers"). Into the Users table there is the GUID of Stripe_Customers. When a new user signs up to the site I create a new record into Stripe_Customers too (leaving the stripe_id column empty). Then when the user go to the payment form page we have these cases:

At onLoad page: I check if he already is a customer_stripe or not.

  1. If "false": The form is empty. The User must insert credit card informations. When he press submit I create the new customer (Stripe.customer.create) and update the user's record of Stripe_Customers table.

  2. If "true": The form is prefilled with card informations retrieved from Stripe by his stripe_id (Retrieve_Card). In this case the user can use the old credit card or insert a new one.

    In the case of inserting a new card, When the User press submit, I update the card informations of the customer on Stripe (Update_Card).

what I have written above is not complete and it is a little different (I give the possibility to choose whether to save or not the credit card and other things ).

I hope this can be of help to you.

P.S.: If you want to check if the credit card inserted is the same of that stored into the informations of customer on Stripe you need to check the "fingerprint" parameter that is based on the credit card number (so never change. A card will have always the same "fingerprint") [see Card-Obeject documentation for more info]

The Dude
  • 363
  • 1
  • 14
  • Thank you for your detailed answer. I, however, do not see fingerprint property in a card object on the page you have linked. It seems that token object retrieved already contains a card object, which I can possibly compare with the existing user's card object. Am I missing anything? – sawa Oct 14 '16 at 20:33
  • @narusawa: When you [create](https://stripe.com/docs/api#create_card_token) the token at the submit's form and you [retrieve](https://stripe.com/docs/api#retrieve_card) card of the current logged-in customer, you have the ability to check the [fingerprint](https://stripe.com/docs/api/php#card_object-fingerprint) because they both return a card object (The "fingerprit" is between the list of the Card_Object attributes linked a moment ago) – The Dude Oct 16 '16 at 07:30
  • @TheDude how do you charge the same card again? Do you get the user to enter the security number? or just charge based on customer_id and card_id? - https://stackoverflow.com/questions/44326838/charging-existing-card-and-customer-with-security-code-on-stripe – Dawood Awan Jun 02 '17 at 10:55
  • @DawoodAwan When do you do a charge using the customer_id, the card informations are stored on stripe, so you can use it to retrieve the basic informations (last 4 card number and the Expiry date) to fill the charging form. Then using the customer_id you can charge the card associated to that customer – The Dude Jun 05 '17 at 07:13
  • Just a curious question from a passer by, should the stripe customer id be hashed when saved in the db? – Johnny boy Feb 10 '23 at 04:52
2

If a customer come back to do some operation we can suppose that you have already all the informations about that.. So you have to handle if create or update a customer (card or subscription, etc.. )

This is the documentation about Stripe.create.Customer.

And it say:

Creates a new customer object.

Anyway, explains more about your situation. Is it into a site where the user is already logged-in? Or is it different?

The Dude
  • 363
  • 1
  • 14
  • Yes, users are already logged in when they POST credit card information. So, if I am understanding you correctly, I need to relate one customer ID per user in my DB, and in case there is a returning user, I need to use Stripe.customer.update. Am I on the right track? Is Stripe.customer.update enough for credit card checkout to be processed without Stripe.customer.create? – sawa Oct 14 '16 at 10:16
  • I had to write another answer because the characters were not enough :-P – The Dude Oct 14 '16 at 13:12
1

Yes Customer ID is a constant string in stripe. In your application, when you register your customer, make sure you through one call to stripe payment gateway to register there. stripe.customers.create() method should be invoke with customer object as parameter.
https://stripe.com/docs/api#create_customer

After creating user in stripe you can add card for that user from you api by throwing a call to this method of stripe stripe.customers.createSource({},{},cb)

here first parameter will be customer ID which is returned from stripe. second parameter will be token and third parameter will be a callback function if you are in (Node.js) environment.

Thanks

Parit
  • 98
  • 3