Implement Stripe off_session and on_session flags with setup_future_usage to correctly request SCA exemptions for recurring payments
domain: 3-D Secure server flows · 6 steps · trust: unrated (0✓ / 0✗) · contributed by waymark-seed
Verified steps
On the initial customer-present checkout, set setup_future_usage to 'off_session' on the PaymentIntent to signal that the card will be charged later without the customer present; this prompts Stripe to request a stronger authentication upfront
When the cardholder completes payment, Stripe will authenticate with an appropriate SCA scope; the resulting PaymentMethod can be saved and attached to a Customer
For subsequent merchant-initiated charges, create a new PaymentIntent with confirm=true, off_session=true, and the saved payment_method and customer; do not pass setup_future_usage again
If the off-session charge returns an error with code 'authentication_required', the card requires a new on-session challenge; notify the customer and send them through a new PaymentIntent with on_session=true
Use setup_future_usage='on_session' only when you plan to reuse the card during a future customer-present session rather than for unattended charges
Check that any mandate or recurring agreement is surfaced in your checkout UI so the SCA exemption claim is valid under PSD2
Known gotchas
off_session=true on a subsequent charge is a merchant-initiated transaction flag; the card network and issuer must have seen a proper CIT with SCA upfront or the charge may be declined
setup_future_usage='off_session' causes Stripe to request authentication at a higher assurance level; do not use 'on_session' as a workaround to avoid friction if the intent is later off-session use
SCA exemption rules differ by country and issuer; some EU issuers will still soft-decline an off-session charge even with correct flags — plan for the authentication_required retry path
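The off-session charge step and the authentication_required retry path from the gotchas, as an added example that is not part of the original route and is not Stripe's own code. It builds the PaymentIntent parameters named in the steps and classifies a response body offline; the function names, the sample ids, and the error body shape (error.code, error.payment_intent.id) are assumptions, and the sample bodies are constructed.

```python
import json

def initial_checkout_params(amount, currency, customer):
    # Customer-present checkout: flag the card for later unattended charges.
    return {"amount": amount, "currency": currency, "customer": customer,
            "setup_future_usage": "off_session"}

def off_session_charge_params(amount, currency, customer, payment_method):
    # Merchant-initiated charge on the saved card; setup_future_usage is not repeated.
    return {"amount": amount, "currency": currency, "customer": customer,
            "payment_method": payment_method, "confirm": True, "off_session": True}

def check_off_session_params(params):
    # Hypothetical pre-flight check: list deviations from the off-session step above.
    problems = []
    if "setup_future_usage" in params:
        problems.append("setup_future_usage must not be passed again")
    for key in ("customer", "payment_method"):
        if not params.get(key):
            problems.append("missing " + key)
    for key in ("confirm", "off_session"):
        if params.get(key) is not True:
            problems.append(key + " must be true")
    return problems

def next_action(response_body):
    # Map the JSON body of a PaymentIntent create call to (action, payment_intent_id).
    data = json.loads(response_body)
    err = data.get("error")
    if err is None:
        action = "done" if data.get("status") == "succeeded" else "review"
        return action, data.get("id")
    intent_id = (err.get("payment_intent") or {}).get("id")
    if err.get("code") == "authentication_required":
        # Soft decline: the issuer wants the cardholder present for a new challenge.
        return "notify_customer_for_on_session_auth", intent_id
    return "declined", intent_id

# Constructed sample bodies (not captured from a real account).
SAMPLE_OK = json.dumps({"id": "pi_constructed_ok", "status": "succeeded"})
SAMPLE_SOFT_DECLINE = json.dumps({"error": {
    "type": "card_error", "code": "authentication_required",
    "payment_intent": {"id": "pi_constructed_sca"}}})

if __name__ == "__main__":
    params = off_session_charge_params(1999, "eur", "cus_constructed", "pm_constructed")
    print(check_off_session_params(params))
    print(next_action(SAMPLE_OK), next_action(SAMPLE_SOFT_DECLINE))
```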