• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

Payments Plugin for Stripe

Stripe payment plugins for your WordPress site

  • Home
  • Documentation
  • Addons
  • Login
    • Sign In
    • Edit Profile
    • Terms & Conditions
    • My Downloads
    • License Key
  • Support
    • Support Forum
    • Forum Search
    • Forum Login
    • Forum Registration
    • Email Support for Customers
  • Contact Us
  • Show Search
Hide Search
You are here: Home / Topics / Invalid Security Token

[Resolved] Invalid Security Token

· ·

Home › Forums › Stripe Payments Plugin › Invalid Security Token

Tagged: invalid security token

  • This topic has 13 replies, 3 voices, and was last updated 2 years, 8 months ago by Admin.
Viewing 14 posts - 1 through 14 (of 14 total)
  • Author
    Posts
  • July 14, 2020 at 3:30 pm #3091
    leavitteldredgeLF
    Participant

    Hello,

    What could cause an Invalid Security Token when processing a payment?

    The information the customer gave was:
    “I get an “invalid security token error” when I use the website to pay. I’ve tried two different browsers”

    Look forward to your response. Anything will help of why a customer could get this error, thank you.

    ——————–

    Also, does it matter what browser they use for your plugin?
    What version they use?

    Do you have guidelines that customers must follow in order for the payment to be successful?

    Such as if I use Internet Explorer 9, would this cause me to have any issues making a payment with your plugin?

    Thank you
    Jennifer

    July 14, 2020 at 4:06 pm #3092
    alexanderfoxc
    Participant

    Hi Jenniffer.

    Looks like caching settings on your server prevent security token to be updated properly, which results in the error message your customer received.

    I suggest you to disable Prefetch Payment Popup Scripts option on plugin settings page (Advanced Settings tab).

    If this isn’t helping, you should configure your server not to cache payment popup page. Following URL mask should be excluded: {yourwebsite.com}/?asp_action=show_pp. This should prevent security token from being cached and not properly regenerating for each page visitor.

    July 14, 2020 at 4:12 pm #3094
    leavitteldredgeLF
    Participant

    Okay I disabled Prefetch Payment Popup Scripts.

    Yes we have Sucuri Firewall. So I will go in and make sure this page is not cached. Thank you for telling me.

    I will let you know if this continues.

    Thank you for the quick reply 🙂
    Jennifer

    July 14, 2020 at 4:21 pm #3095
    leavitteldredgeLF
    Participant

    This is a separate question and I was wanting to know do I need a new support ticket or can I ask here.

    So here is my question and just let me know.

    We want to use your subscription plugin but it requires me to place a test webhook status:
    “Test Webhook Status No API key provided. (HINT: set your API key using “Stripe::setApiKey()”. You can generate API keys from the Stripe web interface. See https://stripe.com/api for details, or email [email protected] if you have any questions.”

    However, I cannot put our Stripe on test. We have live payments coming in constantly and had I known that your plugin requested this while I was in test mode I could have provided this information.

    Stripe said it would not be best to switch from live to test.

    Can you fix this to where you do not require a test webhook status and just a live webhook status.

    Can you please help me with this, thank you 🙂
    Jennifer

    July 14, 2020 at 7:03 pm #3096
    leavitteldredgeLF
    Participant

    Can you please answer the last part of my questions from my original support question.

    Also, does it matter what browser they use for your plugin?
    What version they use?

    Do you have guidelines that customers must follow in order for the payment to be successful?

    Such as if I use Internet Explorer 9, would this cause me to have any issues making a payment with your plugin?

    July 14, 2020 at 11:42 pm #3097
    Admin
    Keymaster

    You shouldn’t need to put it in test mode. You can copy the test and live API keys both from your Stripe account and then paste it in the plugin’s settings. Do you have the test API keys set/saved in the settings?:

    General Settings Configuration of the Stripe Payments Plugin

    Even if you need to setup a webhook in testmode, you can do that very quickly by going to test mode and creating the hook and then switching back to live (should take only 5 seconds). You can do that at a time of the day when the site goes through a quiet period.

    The only guideline is to use latest version of any browser. Then it will work fine. If a browser version is older than 2 years (for example) then there is no guarantee since we don’t test for such old versions. Latest browser version should be used for security reasons also.

    July 15, 2020 at 8:11 pm #3106
    leavitteldredgeLF
    Participant

    I did the changes you requested but we are still having problems with Invalid Security Token.

    Is there another reason why this could be happening?

    July 16, 2020 at 12:26 am #3111
    Admin
    Keymaster

    I will take a look inside your site to see what I can find. I have sent you an email for it.

    July 16, 2020 at 8:42 am #3116
    alexanderfoxc
    Participant

    I have added a new option Disable Security Token Check to the testing version of the plugin. You can get it here https://s-plugins.com/testing-version/

    Enable it (Stripe Payments -> Settings, Advanced Settings tab, Experemintal Settings
    section) and it should make Invalid Security Token issue go away. Since you’re using reCaptcha on your payment form, it’s okay to disable Security Token as reCaptcha acts as security token in this case.

    July 16, 2020 at 6:47 pm #3121
    leavitteldredgeLF
    Participant

    Do I keep all my other plugins enabled and add this plugin on top of what I have?

    July 16, 2020 at 6:50 pm #3122
    alexanderfoxc
    Participant

    Delete current Stripe Payments plugin you have installed. Then download the one from https://s-plugins.com/testing-version/ , install and activate it. And enable the new option as explained in my previous message.

    Once new stable version of Stripe Payments is released (should be pretty soon), make sure to update your testing version to stable version via WP Dashboard when prompted.

    July 16, 2020 at 7:18 pm #3123
    leavitteldredgeLF
    Participant

    Okay thank you for that clarification 🙂

    Jennifer

    July 16, 2020 at 9:57 pm #3124
    leavitteldredgeLF
    Participant

    This is the message I received from Stripe support. Does this make any sense to you and can this help you or does this even involve your plugin?
    —————————–

    Hi Jennifer,

    Thank you for taking my call today. It was a pleasure talking to you. I just wanted to quickly touch base with you about the conversation we just had.

    By looking into this further, I’m not seeing any plugin to connected to your Stripe account.

    Meanwhile, I checked your dashboard logs and I can see 400x error code (invalid_request_error). This errors arise when your request has invalid parameters.

    https://stripe.com/docs/api/errors#errors-invalid_request_error

    With this being said, I would recommend for you to save the card details with a Customer. You can also attach the Payment Method to that object if there’s already an existing customer object. Below is additional info on that:

    https://stripe.com/docs/api/customers.

    https://stripe.com/docs/payments/save-after-payment#web-create-payment-intent

    Thanks again for reaching out. If you run into issues still, just reply directly to this email and I will gladly do all that I can. I am here for you.

    All the best,
    Inee

    July 17, 2020 at 12:48 am #3125
    Admin
    Keymaster

    Hi Jennifer, Let us know if you see the new error after you use the testing version (given by Alex).

    Also, keep the debug logging enabled so you can tell us if the transaction completes correctly on your site or not:

    Using the Debug Log to Solve Transaction Related Issues on a Site

  • Author
    Posts
Viewing 14 posts - 1 through 14 (of 14 total)
  • You must be logged in to reply to this topic.
Log In

Primary Sidebar

Featured Addons and Extensions

  • Subscription Payments Addon
  • Additional Custom Fields
  • Secure Downloads Addon
  • Apple Pay, Google Pay, Afterpay

Addon Bundle

Stripe Payments Addon Bundle

Support Links

  • Support Forum
  • Support Contact

Search

Copyright © 2023 | Stripe Plugins | A member of the Tips and Tricks HQ family.