Add Stripe Fingerprint to PaymentMethod
Currently, if we're allowing Zuora to manage credit cards, transactions are posted as one-off rather than using tokenization. The real challenge begins when we consider the case of a client attempting to defraud checkout: the Stripe Fingerprint (a unique ID to the credit card itself regardless of tokenized or one-off processing) is not passed back through Zuora to the API / Interface. This means that we cannot see if someone is attempting to purchase multiple new subscriptions with the same credit card information.
I would like to suggest that the fingerprint be associated with each PaymentMethod and that, like the rule of a PaymentMethod not being associated with more than a single billing account that you'll encounter, the fingerprint field can be set as "unique" and will throw an error if there is an attempt to create a duplicate PaymentMethod.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.