Jump to content
mustardman

Stripe module problems v7.3.0

Recommended Posts

I just updated from v6 and from serverping 3rd party Stripe module.

I made sure that all the 3rd party stripe files were deleted including the custom template files and replaced by six and standard_cart template files.  

So far existing customers do not appear to be affected.  This is only for new customers and credit card changes since the update. 

First problem is that credit cards are stored locally.  I read in the stripe documentation that cards are stored locally until after a purchase is made.  After that it creates the customer and token on Stripe and saves that token info locally.  That works as expected.  However, it is also supposed to delete the full credit card number stored locally but it does not appear to do that.  I know because in admin area "Credit Card Information" it has an additional field for entering the CC hash.  If I enter the CC Hash number I get the full credit card number.

Second problem probably related to first.  If I check "Disable Credit Card Storage" in admin area then nothing credit card related works in admin or client area.  I cannot add/change/delete cards from admin area.  The "Manage Credit Card" link in the client area disappears.  I cannot browse to it even if I use the direct link "/clientarea.php?event=creditcard"

I found this troubleshooting guide (about 3/4 of the way down) by searching for another error I had only in admin area ("No Stripe Details Found for Update") and went through all those things. 
https://docs.whmcs.com/Stripe

There are definitely no remaining 3rd party stripe files, templates or changes anywhere.  I can get around that error by enter credit card in client area so that error only happens in admin area and no I do not have any admin area customizations.

Edited by mustardman

Share this post


Link to post
Share on other sites

This is worrying. I'm soon to be upgrading WHMCS and I really need Stripe to work. It's also a great concern that card details are being stored. I was under the impression that this was tokenised and only the last four digits were stored.

With the new EU GDPR legislation, is is vitally important that businesses have an effective data protection policy and practices in place and it seems WHMCS is woefully inadequate when it comes to this area. This new legislation comes into force in six months time, so if this software is still not compliant, it will make any business using WHMCS in breach.

https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/

The last time I looked at this a few months ago, it seemed that if you upgrade WHMCS to version 7, the old stripe module doesn't work, so you have to remove it - but the new integrated module will only work with the default templates and has several problems that need to be addressed. So this makes it currently impossible for us to upgrade because we rely totally on Stripe to run our business.

It's really disappointing that WHMCS haven't focussed their attention on this issue and have not come up with a solution.

Share this post


Link to post
Share on other sites

 

11 hours ago, mustardman said:

First problem is that credit cards are stored locally

Card details are absolutely not stored when using the Stripe module - if the card details were already stored in WHMCS, then they would continue to be until the next payment. But, when checking out as a client and entering new details, WHMCS does not receive any card details, and the details are sent straight to Stripe. If you are getting card details stored, then you would appear to have some misconfiguration somewhere, perhaps with a custom template. You can tell if the card input form (admin or client area) is working correctly if you do not see a card type. If you see a card type field, then Stripe is not the selected gateway. For a new client in the admin area, their payment method (until an order has been added) will be the first payment gateway in the list in Setup -> Payments -> Payment Gateways. You can also override this on the profile tab using the Default Gateway option.

 

11 hours ago, mustardman said:

If I check "Disable Credit Card Storage" in admin area then nothing credit card related works in admin or client area.

As the Stripe module is still a CC gateway, you cannot disable CC storage as WHMCS still needs to store some data (like the gateway id, card last 4 and card expiry).

 

If you are continuing to have issues in the admin area, I would suggest opening a ticket so our Support Team can take a look for you and advise.

Share this post


Link to post
Share on other sites

Thanks for the reply.   I do see card type in admin and client area when the client payment method is set to PayPal.  It goes away when client payment method is switched to Stripe or default (Stripe).  Would this be considered a bug?  

To reproduce on v7.3.0.  Set up Stripe and PayPal payment gateways with Stripe as default (at the top).  Setup a test client with no credit card saved and go to Profile > Payment Method and set it to PayPal.  Now if you try save a credit card to that client in admin or client area it will have "Card Type" option. In admin area it fails and Gateway Transaction Log has stripe gateway data "No Stripe Details Found for Update".  If you try do the same thing in client area it successfully saves the credit card locally.  No gateway transaction log.  Now view it in admin area and you see the option to enter CC Hash to view entire card number.  

I tested the same thing on a v6.3.2 system that uses the serverping stripe module and it works the way I would expect it to work.  It always saves credit card info to Stripe even if I set client profile default payment method to Paypal.  I updated that database to WHMCS v7.3.0 on a different server.  So the settings are all the same.  The only changed are the WHMCS version and switching from 3rd party to internal Stripe module.  This is definitely not a template issue because it happens in admin area and there are no custom templates being used there.

The  requirement to not "Disable Credit Card Storage" was adding to the confusion.  It is not explained anywhere in the documentation that I could find and if you google around you will find discussions/solutions involving checking that feature, including in this forum.  I think if you specify that it must NOT be checked that may help others.

Edited by mustardman

Share this post


Link to post
Share on other sites

I think there is another problem that results from the first explained above.  Now that the full CC number is stored locally, if you switch the client payment method back from PayPal to Stripe and run a transaction, it then saves the Stripe token locally and remotely on Stripe.  However, the full CC number is still stored locally.  Now if you switch back to PayPal and delete the credit card locally, the token is still stored locally and remotely on Stripe.  Now switch back to Stripe and I believe you can still run a transaction using the card which is still stored on Stripe.  Probably an unlikely scenario but I don't think this should be possible in the first place.  

Edited by mustardman

Share this post


Link to post
Share on other sites

Hi,

We made some refinements to tokanisation gateway credit card detail  handling in v.7.3, so you will find that the "Manage Credit Card" option is no longer displayed in the client area in this situation. Therefore the client does not have the option to enter card details and have them stored locally.

Instead they will be required to follow the designed workflow to create a new remote storage token; by paying an invoice. Paying the invoice will create the remote token, store the token in WHMCS, and then activate the credit card management page in the client area.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Similar Content

    • By Damo
      When trying to update a customers card via the Admin area the customer is deleted from our Stripe Account.  The logs show an API call that updates the card followed by an immediate call to delete the customer.
       
    • By Web Host Pro
      We are adding Stripe to our billing processor and wanted to know if anyone here is using them. Any feedback or suggestions before we go live?
      Thank you,
      Charles
    • By mthosting
      I didnt want to use stripe.js module as i wanted to replace my existing gateway. This module is 100% PHP and does not use tokenization. There is another module that provides that.
       
      https://bitbucket.org/mthosting/stripewhmcs
    • By TekStorm Inc - James

       
       
      !! ORDER NOW !!


       
       
      TekStorm Inc., an ISO and strategic partner of Pivotal Payments Direct Corp. and of Pivotal Payments Inc., is your single-source provider for complete and affordable merchant services.
       
      North American (Canada and US) business owners can begin accepting payments quickly and easily with a Pivotal Payments merchant account; no matter your business type. International business owners, outside of North America, can begin accepting eCommerce and/or MO/TO payments quickly and easily with a Stripe account.
       
      Opening a merchant account is simple and priced right. Businesses can switch to lower fees and superior merchant services. Affordable credit card processing is here. Easily accept American Express, Diner's Club, Discover, JCB, MasterCard, Visa, and more at lower rates.
       
      We offer cost-effective credit card processing solutions that fit your budget. We understand that merchants are constantly challenged to minimize their operating costs and we have developed our payment processing solutions to provide the most comprehensive and reliable services at the most competitive rates.
       
      A reliable merchant account solution is here. No matter your business type, we offer merchant solutions at the best rates to help you sell more. Accept payments via your Web site with our eCommerce solutions. Pivotal Payments merchant account deposits are processed within 1-3 business days; depending upon the financial institution that you process with. Stripe deposits are made on a 2-7 day rolling basis.
       
      Get superior technology point-of-sale (PoS) terminals. Buy or lease-to-own countertop PoS terminals or discover freedom with wireless PoS terminals. Chip card ready, PCI-PED compliant, lightweight, and powerful!
       
      StripeXS™ makes it easy to start accepting payments. Begin accepting payments online, or by mail and telephone, quickly and easily with our online merchant solutions. Pivotal Payments merchant accounts are generally approved within 2 business days. Stripe accounts can be activated within minutes.
       
      StripeXS™ licenses will default to Pivotal Payments for North American orders and to Stripe for all others. Should your merchant account application be declined and/or if you are otherwise ineligible for such a merchant account, we will manually configure your license to allow the use of Stripe.
       
      StripeXS™, Pivotal Payments, and Stripe power commerce for sites across the Web. Our users include large companies, rapidly growing start-ups, side projects, and everything in between.
       
      Start accepting eCommerce and/or MO/TO payments almost instantly!
       
       


      !! ORDER NOW !!

       
       

      GlobalOne / Pivotal Payments

       
      What is Cost+ Pricing?
       
      Cost+ pricing (also known as interchange+ pricing) is a billing method used by TekStorm Inc. to give you further transparency and savings. When you process a transaction, we pass the interchange cost directly on to you.
       
       
      Why is Cost+ Better?
       
      Savings and transparency! Most processors use "interchange differential" pricing, where you are charged a base "qualified" rate and then charged a "non-qualified" fee and an "interchange differential fee" on top. This allows them to double-dip you on processing fees by charging multiple times for the same transaction.
       
      By passing the cost directly to you and only charging for a single markup, Cost+ pricing gives you significant savings while creating a very transparent arrangement with your processor (you know our cost and margin!)
       
       
      Automatic Account Updater
       
      Automated service ensures uninterrupted payments; improving business efficiency and preserving revenue streams! Auto Account Updater keeps credit card information current to prevent declines due to account number changes or expired cards. For businesses who offer subscription services and recurring billing plans, Auto Account Updater optimizes revenues by reducing authorization declines that result in lost sales, minimizes customer friction, and improves overall business efficiency.
       
      The recurring revenue marketplace represents over $600 billion dollars in global annual sales across all industries and business types. Subscription revenues are critical to these businesses and preventing any disruption to the payments cycle is paramount to improving revenue, customer satisfaction and loyalty. Auto Account Updater corrects card information prior to the next billing cycle through a process that is completely transparent to both merchants and cardholders. GlobalOne clients can maintain the most current card-holder database to ensure payment continuity.
       
      "A major pain-point for merchants using recurring billing is the need to keep card-holder information up to date," said Philip Fayer, president and CEO of Pivotal Payments. "Our Auto Account Updater virtually eliminates overhead costs related to keeping card information current. When used in conjunction with GlobalOne's suite of services, the efficiencies, ease of implementation, and cost savings with our Account Updater are significant."
       
      Some key competitive advantages gained with GlobalOne's Auto Account Updater include:
      A reduction in declined transactions, which increases top line revenue and preserves income flow.
      Can be used with GlobalOne's tokenization solution or integrated directly into merchants' payment systems.
      Improved operational efficiency; less time spent dealing with card decline issues.
      Reduced opportunities for consumers to cancel the service whenever account information changes.
      Seamless updates are performed daily and no customer contact is necessary; expiration dates and card numbers are automatically corrected.

       
      Price Match
       
      If you are a North American business and have an existing merchant agreement and/or get a quote, in writing, from another MSP that is lower than what TekStorm Inc. has quoted, you may be eligible for a price match or even lower price!
       
      Once your order has been provisioned, an auto-generated ticket will be opened for you with our standard merchant agreement attached. Should you happen to have an existing merchant agreement and/or quote that may be eligible for a price match, simply respond to the ticket with a scanned copy of your entire agreement and/or quote. We will get back to you ASAP with a custom agreement.  
       

      Stripe

       
      No card storage fees, no commitments, no hidden costs, no monthly fees, no setup fees, and no validation fees. There's also no charge for failed payments. You only get charged when you earn money.  
       


      !! ORDER NOW !!

       
       
      Pivotal Payments is Canada's largest independent payment processor. The mission of TekStorm Inc. and Pivotal Payments is to provide valued processing solutions which make a positive material impact to the businesses of their merchants and partners around the globe.

    • By linux4me
      I've got a new client who wants to have a client-billing system set up, and I've used WHMCS for several years for other clients, but been frustrated by the lack of native Stripe support. The 3rd-party plugins that add it make it a pain to maintain WHMCS.
       
      Is version 6 going to offer native Stripe support?
  • Recently Browsing   0 members

    No registered users viewing this page.

×

Important Information

By using this site, you agree to our Terms of Use & Guidelines