Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Behind a Charge for DevRelJP meetup

Yasuhiko Tokunaga
August 27, 2018
Technology
0
360

Behind a Charge for DevRelJP meetup

This was the talk to explain what is exactly happening on the backend to make a charge with a credit card.

The DevRelJP in English: https://www.meetup.com/ja-JP/DevRel-Meetup-in-Tokyo/events/252862905

* This deck was developed by our team.

Yasuhiko Tokunaga

August 27, 2018
Tweet

More Decks by Yasuhiko Tokunaga

See All by Yasuhiko Tokunaga
JP_Stripes Tokyo Vol.12 - コミュニティ二年の歩み
yasutoku
0
52
JP_Stripes OKA (Okinawa) #4 Stripeアップデート
yasutoku
0
120
JP_Stripes vol 11 Stripe 最新アップデート
yasutoku
0
82
Stripe Connect と Stripe Subscriptions
yasutoku
2
870
DevRel_Meetup_Tokyo_20170905_Stripe
yasutoku
2
1.1k
What makes a study group valuable to me?
yasutoku
0
220

Other Decks in Technology

See All in Technology
Introduction to Works of ML Engineer in LY Corporation
lycorp_recruit_jp
0
110
OCI Security サービス 概要
oracle4engineer
PRO
0
6.5k
BLADE: An Attempt to Automate Penetration Testing Using Autonomous AI Agents
bbrbbq
0
300
iOSチームとAndroidチームでブランチ運用が違ったので整理してます
sansantech
PRO
0
130
【Startup CTO of the Year 2024 / Audience Award】アセンド取締役CTO 丹羽健
niwatakeru
0
990
rootlessコンテナのすゝめ - 研究室サーバーでもできる安全なコンテナ管理
kitsuya0828
3
380
OCI Vault 概要
oracle4engineer
PRO
0
9.7k
Python(PYNQ)がテーマのAMD主催のFPGAコンテストに参加してきた
iotengineer22
0
470
オープンソースAIとは何か? --「オープンソースAIの定義 v1.0」詳細解説
shujisado
7
820
マルチプロダクトな開発組織で 「開発生産性」に向き合うために試みたこと / Improving Multi-Product Dev Productivity
sugamasao
1
300
ISUCONに強くなるかもしれない日々の過ごしかた/Findy ISUCON 2024-11-14
fujiwara3
8
870
Incident Response Practices: Waroom's Features and Future Challenges
rrreeeyyy
0
160

Featured

See All Featured
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
31
2.7k
Designing on Purpose - Digital PM Summit 2013
jponch
115
7k
Build your cross-platform service in a week with App Engine
jlugia
229
18k
RailsConf 2023
tenderlove
29
900
Mobile First: as difficult as doing things right
swwweet
222
8.9k
Rails Girls Zürich Keynote
gr2m
94
13k
How GitHub (no longer) Works
holman
310
140k
Building a Scalable Design System with Sketch
lauravandoore
459
33k
Designing Experiences People Love
moore
138
23k
Fashionably flexible responsive web design (full day workshop)
malarkey
405
65k
GraphQLとの向き合い方2022年版
quramy
43
13k
Code Review Best Practice
trishagee
64
17k

Transcript

  1. Behind a Charge 8/27 Yasuhiko Tokunaga D E V R

    E L J P I N E N G L I S H

  2. Yasuhiko “Toku” Tokunaga • Born in Iruma, Saitama. • User

    Operations at Stripe since 2016. • Twitter: y_toku

  3. What’s Stripe? D E V R E L J P

    I N E N G L I S H

  4. Traditional payments matrix SELLER Processor American Express JCB ISO Mastercard

    Merchant Acquirer Other payment instruments VISA Depository institutions Fraud Business analytics Instant payouts Tokenization Automatic card updates PCI audits VAT Reporting International Currencies Payment methods Local routing GST

  5. International Currencies Payment methods Local routing GST PCI audits VAT

    Reporting Processor American Express JCB ISO Mastercard Merchant Acquirer Other payment instruments VISA Depository institutions Fraud Business analytics Instant payouts Tokenization Automatic card updates SELLER Stripe abstracts away traditional 
 payments hurdles

  6. 139+ currencies 3DS APMs Android Pay Apple Pay Card updater

    Checkout Dashboard Disputes Elements International support Metadata Mobile SDKs PCI compliance Plug-ins Reporting Sources Tokenization Webhooks Core payments I N T E G R AT E D PAY M E N T S P L AT F O R M

  7. Coupons Enable add-ons Integrated webhook support Tiered pricing Metered billing

    Multiple plan support Per-seat plan support Smart retry logic Trial periods Subscriptions Adaptive machine learning algorithms Custom rules Dynamic adaption API Fraud automation API Payments review UI Real-time insights Radar Staggered account creation Pre-built components for recipient onboarding, account management and verification Support for a fully customized UI Funds routing infrastructure to support any business model International support Support for payouts to 25 countries Connect I N T E G R AT E D PAY M E N T S P L AT F O R M

  8. Behind a charge What’s happening when you purchase something on

    Stripe network with your credit card? D E V R E L J P I N E N G L I S H

  9. 26584673 ?

  10. 0 0 0 0 0 0 : .

  11. 6 8 8 0 0 0 : .

  12. 26584673 Stripe API infrastructure Card network ML-based
 fraud prevention

  13. 26584673 Stripe API infrastructure Card network ML-based
 fraud prevention

  14. S T R I P E A P I I

    N F R A S T R U C T U R E Velocity Scalability Availability Security

  15. P C I I N F R A S T

    R U C T U R E A P I B A C K E N D I N F R A S T R U C T U R E API backend Front-end Server 2 Front-end Server 1 Front-end Server 3

  16. A Z 2 load balancer app app DB a DB

    b A Z 3 load balancer app app DB a DB b A Z 1 load balancer DB a DB b app app F L E X I B I L I T Y & AVA I L A B I L I T Y

  17. F L A S H S A L E

  18. 26584673 Stripe API infrastructure Card network ML-based
 fraud prevention

  19. ISO 8583 Format

  20. None

  21. require "stripe" Stripe.api_key = "BQokikJOvBiI2HlWgH4olfQ2" Stripe::Charge.create( :amount => 1400, :currency

    => "jpy", :source => { :number => "4242424242424242", :exp_month => 2, :exp_year => 2020, :cvc => "314" }, :description => "αϯϓϧܾࡁ" )

  22. require "stripe" Stripe.api_key = "BQokikJOvBiI2HlWgH4olfQ2" Stripe::Charge.create( :amount => 1400, :currency

    => "jpy", :source => { :number => "4242424242424242", :exp_month => 2, :exp_year => 2020, :cvc => "314" }, :description => "αϯϓϧܾࡁ" )

  23. 0 1 0 0 F 2 3 C 6 4

    8 1 0 8 E 0 8 0 1 2 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 4 1 0 4 2 4 2 4 2 4 2 4 2 4 2 4 2 4 2 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 4 0 0 1 1 0 1 0 1 3 9 5 8 6 6 8 7 8 5 1 8 3 9 5 8 1 0 3 1 2 1 0 4 3 5 2 2 0 8 4 0 0 1 2 0 5 9 0 6 4 9 8 0 3 0 F 6 F 3 F 0 F 6 F 0 F 1 F 6 F 6 F 8 F 7 F 8 F 5 F 4 C 3 F 2 E 9 E 8 C 2 F 1 E 8 E 2 F 1 D 7 D 3 D 1 D 1 D 2 E 7 E 7 C 2 E 3 F 0 C 3 E 8 C 4 C 7 D 9 C 1 C 9 D 5 4 0 6 0 4 0 C 7 D 6 F 1 F 4 F 4 F 1 F 2 F 1 4 0 4 0 4 0 4 0 4 0 4 0 4 0 4 0 4 0 E 2 C 9 D 5 C 7 C 1 D 7 D 6 D 9 C 5 4 0 4 0 4 0 4 0 E 2 C 7 0 8 4 0 0 5 0 0 0 0 0 0 0 0 0 7 0 5 8 0 0 0 0 0 0 0 0 0 0 E 0 0 4 0 0 0 0 0 0 0 0 0 0 0 0 0 F 1 F 1 F 0 F 0 F 0 F 0

  24. Message Type ID (MTI) Includes: • The ISO 8583 version

    • The Message Class • The Message Function • The Message Origin 0XXX -> version of ISO 8583 (for example: 1987 version) X1XX -> class of the Message (for example: Authorization Message) XX0X -> function of the Message (for example: Request) XXX0 -> who began the communication (for example: Acquirer) 0100 MTI:100 (Authorization Request) 002 Primary Account Number : 4242424242424242 003 Processing Code : 0 004 Amount of Transaction : 1400 007 Transmission Date/Time : 2000-05-25T18:06:41+00:00 011 System Trace/Debit Reg E Receipt Number : 678336 012 Time, Local Transmission : 11:06:41+00:00 013 Date, Local Trans. (Debit/EBT)/Sales Date (Credit) : 2000-05-25T00:00:00+00:00 014 Card Expiration Date : 2020-02-01T00:00:00+00:00 018 Merchant Category Code : 3522 019 Acquiring Institution Country Code : 840 022 POS Entry Mode+ Pin Capability : 120 025 Point of Service (POS) Condition Code : 59 032 Acquiring ID : 498030 037 Retrieval Reference Number : "714518678336" 041 Terminal ID : "4C2ZYB1Y" 042 Card Acceptor ID : "S1PLJJKXXBT0CYD" 043 Alternative Merchant Name/Location : { 043 "card_acceptor_name": “UNDER THE HOOD ", 043 "city_name": "TOKYO ", 043 "country_code": "JP" 043 } 049 Transaction Currency Code : 840 060 Additional POS Information : { 060 "terminal_type": 0, 060 "terminal_entry_capability": 0, 060 "chip_condition_code": 0, 060 "special_condition_indicator": 0, 060 "reserved": 0, 060 "chip_transaction_indicator": 0, 060 "chip_card_authentication_reliability_indicator": 0, 060 "electronic_commerce_indicator": 7 060 } 063 VisaNet Integrated Payment Private Use : 001 Network ID : 0 126 Visa Private-Use Fields : 009 CAVV Data : "ffbf6cd03d0085d20d0bfae02d8fbe3000020000"

  25. require "stripe" Stripe.api_key = "BQokikJOvBiI2HlWgH4olfQ2" Stripe::Charge.create( :amount => 1400, :currency

    => "jpy", :source => { :number => "4242424242424242", :exp_month => 9, :exp_year => 2020, :cvc => "314" }, :description => "αϯϓϧܾࡁ" ) MTI:100 (Authorization Request) 002 Primary Account Number : 4242424242424242 003 Processing Code : 0 004 Amount of Transaction : 1400 007 Transmission Date/Time : 2000-05-25T18:06:41+00:00 011 System Trace/Debit Reg E Receipt Number : 678336 012 Time, Local Transmission : 11:06:41+00:00 013 Date, Local Trans. (Debit/EBT)/Sales Date (Credit) : 2000-05-25T00:00:00+00:00 014 Card Expiration Date : 2020-02-01T00:00:00+00:00 018 Merchant Category Code : 3522 019 Acquiring Institution Country Code : 840 022 POS Entry Mode+ Pin Capability : 120 025 Point of Service (POS) Condition Code : 59 032 Acquiring ID : 498030 037 Retrieval Reference Number : "714518678336" 041 Terminal ID : "4C2ZYB1Y" 042 Card Acceptor ID : "S1PLJJKXXBT0CYD" 043 Alternative Merchant Name/Location : { 043 "card_acceptor_name": “UNDER THE HOOD ", 043 "city_name": "TOKYO ", 043 "country_code": "JP" 043 } 049 Transaction Currency Code : 840 060 Additional POS Information : { 060 "terminal_type": 0, 060 "terminal_entry_capability": 0, 060 "chip_condition_code": 0, 060 "special_condition_indicator": 0, 060 "reserved": 0, 060 "chip_transaction_indicator": 0, 060 "chip_card_authentication_reliability_indicator": 0, 060 "electronic_commerce_indicator": 7 060 } 063 VisaNet Integrated Payment Private Use : 001 Network ID : 0 126 Visa Private-Use Fields : 009 CAVV Data : "ffbf6cd03d0085d20d0bfae02d8fbe3000020000"

  26. MTI:100 (Authorization Request) 002 Primary Account Number : 4242424242424242 003

    Processing Code : 0 004 Amount of Transaction : 1400 007 Transmission Date/Time : 2000-05-25T18:06:41+00:00 011 System Trace/Debit Reg E Receipt Number : 678336 012 Time, Local Transmission : 11:06:41+00:00 013 Date, Local Trans. (Debit/EBT)/Sales Date (Credit) : 2000-05-25T00:00:00+00:00 014 Card Expiration Date : 2018-09-01T00:00:00+00:00 018 Merchant Category Code : 3522 019 Acquiring Institution Country Code : 840 022 POS Entry Mode+ Pin Capability : 120 025 Point of Service (POS) Condition Code : 59 032 Acquiring ID : 498030 037 Retrieval Reference Number : "714518678336" 041 Terminal ID : "4C2ZYB1Y" 042 Card Acceptor ID : "S1PLJJKXXBT0CYD" 043 Alternative Merchant Name/Location : { 043 "card_acceptor_name": “UNDER THE HOOD ", 043 "city_name": “TOKYO ", 043 "country_code": "JP" 043 } 049 Transaction Currency Code : 840 060 Additional POS Information : { 060 "terminal_type": 0, 060 "terminal_entry_capability": 0, 060 "chip_condition_code": 0, 060 "special_condition_indicator": 0, 060 "reserved": 0, 060 "chip_transaction_indicator": 0, 060 "chip_card_authentication_reliability_indicator": 0, 060 "electronic_commerce_indicator": 7 060 } 063 VisaNet Integrated Payment Private Use : 001 Network ID : 0 126 Visa Private-Use Fields : 009 CAVV Data : "ffbf6cd03d0085d20d0bfae02d8fbe3000020000" require "stripe" Stripe.api_key = "BQokikJOvBiI2HlWgH4olfQ2" Stripe::Charge.create( :amount => 1400, :currency => "jpy", :source => { :number => "4242424242424242", :exp_month => 9, :exp_year => 2020, :cvc => "314" }, :description => "αϯϓϧܾࡁ" )

  27. R. F!e"d!ng UC Irv!ne J. Gettys Compaq/W3C J. Mogu" Compaq

    H. Frystyk W3C/MIT L. Mas!nter Xerox P. Leach M!crosoft T. Berners-Lee W3C/MIT June 1999 Network Work!ng Group Request for Comments: 2616 Obso"etes: 2068 Category: Standards Track Hypertext Transfer Protoco! -- HTTP/1.1 Status of th!s Memo Th!s document spec!f!es an Internet standards track protoco" for the Internet commun!ty, and requests d!scuss!on and suggest!ons for !mprovements. P"ease refer to the current ed!t!on of the "Internet Off!c!a" Protoco" Standards" (STD 1) for the standard!zat!on state and status of th!s protoco". D!str!but!on of th!s memo !s un"!m!ted. Copyr!ght Not!ce Copyr!ght (C) The Internet Soc!ety (1999). A"" R!ghts Reserved. 27 MTI:110 (Authorization Request Response) 002 Primary Account Number : 4242424242424242 003 Processing Code : 0 004 Amount of Transaction : 1400 007 Transmission Date/Time : 2000-05-25T18:06:41+00:00 011 System Trace/Debit Reg E Receipt Number : 678336 015 Date, Settlement : 2000-05-26T00:00:00+00:00 019 Acquiring Institution Country Code : 840 025 Point of Service (POS) Condition Code : 59 032 Acquiring ID : 498030 037 Retrieval Reference Number : "714518678336" 038 Authorization Identification Response : "001444" 039 Response Code : "00" 041 Terminal ID : "4C2ZYB1Y" 042 Card Acceptor ID : "S1PLJJKXXBT0CYD" 044 Additional Response Data : { 044 "reason_code": "5", 044 "cavv_result_code": "2" 044 } 049 Transaction Currency Code : 840 062 Custom Payment Service Fields : 002 Transaction Identifier : 467145652018577 062 023 Product ID : "N " 063 VisaNet Integrated Payment Private Use : 001 Network ID : 2 0110 Authorization Response

  28. R. F!e"d!ng UC Irv!ne J. Gettys Compaq/W3C J. Mogu" Compaq

    H. Frystyk W3C/MIT L. Mas!nter Xerox P. Leach M!crosoft T. Berners-Lee W3C/MIT June 1999 Network Work!ng Group Request for Comments: 2616 Obso"etes: 2068 Category: Standards Track Hypertext Transfer Protoco! -- HTTP/1.1 Status of th!s Memo Th!s document spec!f!es an Internet standards track protoco" for the Internet commun!ty, and requests d!scuss!on and suggest!ons for !mprovements. P"ease refer to the current ed!t!on of the "Internet Off!c!a" Protoco" Standards" (STD 1) for the standard!zat!on state and status of th!s protoco". D!str!but!on of th!s memo !s un"!m!ted. Copyr!ght Not!ce Copyr!ght (C) The Internet Soc!ety (1999). A"" R!ghts Reserved. 28 MTI:110 (Authorization Request Response) 002 Primary Account Number : 4242424242424242 003 Processing Code : 0 004 Amount of Transaction : 1400 007 Transmission Date/Time : 2000-05-25T18:06:41+00:00 011 System Trace/Debit Reg E Receipt Number : 678336 015 Date, Settlement : 2000-05-26T00:00:00+00:00 019 Acquiring Institution Country Code : 840 025 Point of Service (POS) Condition Code : 59 032 Acquiring ID : 498030 037 Retrieval Reference Number : "714518678336" 038 Authorization Identification Response : "001444" 039 Response Code : "00" 041 Terminal ID : "4C2ZYB1Y" 042 Card Acceptor ID : "S1PLJJKXXBT0CYD" 044 Additional Response Data : { 044 "reason_code": "5", 044 "cavv_result_code": "2" 044 } 049 Transaction Currency Code : 840 062 Custom Payment Service Fields : 002 Transaction Identifier : 467145652018577 062 023 Product ID : "N " 063 VisaNet Integrated Payment Private Use : 001 Network ID : 2 0110 Authorization Response

  29. { "id": "ch_1AOajA2eZvKYlo2CIU3lpBKV", "object": "charge", "amount": 1400, "created": 1496013796, "currency":

    "jpy", "customer": "cus_Ak4sw0RVzWQrDk", ... "outcome": { "network_status": "approved_by_network", "reason": null, "risk_level": "normal", "seller_message": "Payment complete.", "type": "authorized" }, ... "review": null, "shipping": null, "source": { "id": "card_1AOaig2eZvKYlo2CEh9qjqsM", "object": "card", "address_city": null, "address_country": null, "address_line1": null, "address_line1_check": null, "address_line2": null, "address_state": null, "address_zip": null, "address_zip_check": null, "brand": "Visa", "country": "JP", "customer": "cus_Ak4sw0RVzWQrDk", "cvc_check": "pass", "dynamic_last4": null, "exp_month": 02, "exp_year": 2020, "fingerprint": "Xt5EWLLDS7FJjR1c", "funding": "credit", "last4": "4242", "metadata": {}, "name": null, "tokenization_method": null }, ... } MTI:110 (Authorization Request Response) 002 Primary Account Number : 4242424242424242 003 Processing Code : 0 004 Amount of Transaction : 1400 007 Transmission Date/Time : 2000-05-25T18:06:41+00:00 011 System Trace/Debit Reg E Receipt Number : 678336 015 Date, Settlement : 2000-05-26T00:00:00+00:00 019 Acquiring Institution Country Code : 840 025 Point of Service (POS) Condition Code : 59 032 Acquiring ID : 498030 037 Retrieval Reference Number : "714518678336" 038 Authorization Identification Response : "001444" 039 Response Code : "00" 041 Terminal ID : "4C2ZYB1Y" 042 Card Acceptor ID : "S1PLJJKXXBT0CYD" 044 Additional Response Data : { 044 "reason_code": "5", 044 "cavv_result_code": "2" 044 } 049 Transaction Currency Code : 840 062 Custom Payment Service Fields : 002 Transaction Identifier : 467145652018577 062 023 Product ID : "N " 063 VisaNet Integrated Payment Private Use : 001 Network ID : 2

  30. 26584673 Stripe API infrastructure Card network ML-based
 fraud prevention

  31. F R A U D

  32. I N D U S T R I A L

    M A C H I N E L E A R N I N G • Deep integration with rest of your payments platform • Automatically improves with Stripe network • No manual labeling required, eliminating encoded biases

  33. R A D A R F E AT U R

    E S Address mismatch Billing address Card type Order value IP address Proxy detection Cardholder ID Device ID Card history Card country Newness Gibberish Geolocation Network baselines Blocklists Trusted 
 customers Pasted fields

  34. When a card is used, there’s an 86% chance we’ve

    seen it used before S T R I P E N E T W O R K

  35. ML feature assemblers Stripe API Charge creation Address normalisation Token

    creation Card, IP , e-mail history Browsing/behavioural information

  36. 26584673 Stripe API infrastructure Card network ML-based
 fraud prevention

  37. None