Solved

billing_attempt/challenged Webhook not emitted when expected

lemonsenpai
Shopify Expert
1 0 2

The billing_attempt/challenged webhook is described as follows

Emitted when the financial institution challenges the subscription billing attempt charge as per 3D Secure.

And according to the blurb and diagram on the same page, one might expect the webhook to be emitted when the 3D Secure email is sent out to the customer.

Shopify handles 3D Secure authentication by emailing the customer when the financial institution requires a challenge. This flow is demonstrated in the diagram below:

3ds-flow-41a34cbc679a1b92158a31b77200130ab2a3c809de3cf1ac5a8fa67fd2477dff

But while trying to test the webhook, it only triggers when the link in the 3D secure email is visited, NOT when the email is sent. Is this a bug with the test card, Shopify Payments, or is the description of the webhook wrong?

 

https://shopify.dev/apps/subscriptions/contracts#subscription-related-webhooks

https://shopify.dev/apps/subscriptions/contracts#about-3d-secure 

 

Accepted Solution (1)

pranab
Shopify Staff
27 3 3

This is an accepted solution.

Hi @lemonsenpai,

Thank you for your question!

When the link on the email is visited it triggers the flow where the financial institution will request a 3DS authentication and the webhook is fired in that flow.

Also, the 3DS challenge webhook is only triggered when the buyer is in session. When the email link is visited the buyer is in session and the 3DS is triggered, which fires the webhook.

Thank you,

Pranab

To learn more visit the Shopify Help Center or the Community Blog.

View solution in original post

Replies 2 (2)

pranab
Shopify Staff
27 3 3

This is an accepted solution.

Hi @lemonsenpai,

Thank you for your question!

When the link on the email is visited it triggers the flow where the financial institution will request a 3DS authentication and the webhook is fired in that flow.

Also, the 3DS challenge webhook is only triggered when the buyer is in session. When the email link is visited the buyer is in session and the 3DS is triggered, which fires the webhook.

Thank you,

Pranab

To learn more visit the Shopify Help Center or the Community Blog.

Anton999
Shopify Partner
5 0 5

Hi @pranab,

 

What is recommended workflow when SCA is required then?

 

Currently, the only way to retrieve the SCA URL is making regular requests. For example:

 

  1. An application creates a billing attempt.
  2. Shopify processes it, and the financial institution requires SCA.
  3. Shopify sends an email to the customer.
  4. Customer doesn't click on the link.

How the application should retrieve the information that this billing attempt requires SCA? The only way I can see here is making regular requests and reading information about this billing attempt. But it's not a good practice.