Posted: April 28, 2020 at 12:31 pm
We use the Paypal gateway (but are open to moving to other gateways).
We would like to use EE to vault credit cards to enable storing a cc for charging later (1 or more times).
Is there any way to do this “natively” (with EE plugins) to store credit cards and charge later? (vaulting).
The short answer to this is no, EE does not have any add-ons available for this at this time and likely will not for a while yet.
It’s not clear if you’re looking to use Event Espresso as the credit card vault itself within your own infrastructure? If that is the case I can say it’s unlikely to be something we would consider integrating within Event Espresso due to the level of PCI compliance which would be required by you (the site own). It simply isn’t something that would benefit the majority of users as generally most wouldn’t comply with SAQ-D, nor would they change infrastructure to do so.
Some payment providers allow you to vault cards used to pay within their servers and you can initiate a payment using a token, Stripe is one of those although we don’t have that functionality implemented within EE at this time. If we added this functionality within EE, this would be the most likely set up we would implement as it requires less compliance.
It’s also possible to use a 3rd party vault which could then technically be used for any payment provides, although this would require a complete custom integration to function. I’d say this is also unlikely something we would create ourselves although there’s a higher chance than the first option.
So, you are saying a Stripe account can be sent a token from EE instead of a CC number, but EE currently doesn’t support storing, accessing, sending tokens and the different code flows required to do that?
Also, I am not clear when you say “a higher chance than the first option?” Does the first option refer to the EE as CC vault or to implmenting Stripe tokens?
Pretty much, yes.
Stripe checkout (which is included in the Stripe add-on but consider ‘legacy’, check the payment method settings and you’ll find it) is all based around tokens.
The latest version of the Stripe add-on uses Payment Intents, which are again, essentially tokens.
Stipe.com itself can be used as a vault but our Payment method does not utilize those functions, so you would basically need a custom Stripe payment method to use them and then any additional functionality to save them within EE etc.
The first option I mentioned was using EE as a vault within your own infrastructure, aka storing card details yourself. We currently have no plans/intentions of creating anything within EE that will store card details for later use.
The second option was using the vaulting options within a payment provider, like Stripe. If we added vaulting options within EE, it would likely be simply providing a feature from the payment provider itself. It’s not as flexible as your own but much lower risk, it’s also not as flexible as option 3, but that requires much more maintenance and a custom integration.
The last option (which I don’t think is something we would use, but more likely then saving card details) is a 3rd part vault which essentially acts as an intermediary storing the card details used before passing them onto which provider you are using (we tried this type of integration with Mijireh which then vanished, so far, these types of integrations are not worth the time investment).