Payment Error Investigation
Please explain above about the issue and solution
—
### 🧾 **Issue Summary**
– **User:** Lynn Doyle
– **Date:** July 14, 2025
– **Platform Used:** Facebook (possibly Facebook In-App Browser)
– **Problem:**
– Attempted to book tickets for Fossettscircus show.
– Entered all personal and bank details.
– Received a **payment error** (detailed below).
– **Payment was deducted** from her bank account.
– **No confirmation email or ticket** was received.
—
### ❌ **Error Message Received**
> “The provided payment method was previously used with a payment without customer attachment shared with a connected account without customer attachment or was detached from a customer. It may not be used again. To use a payment method multiple times you must attach it to a customer first. There was an error during the transaction. Payment not performed.”
This is a **Stripe-related error** indicating the following:
– The card/payment method was previously used **without attaching to a Stripe customer**.
– That payment method **cannot be reused** unless it is first attached to a Stripe customer object.
– Stripe **declined the payment**, yet the user’s bank shows the amount was **deducted (authorized)**.
—
### 🕵️ **Suspected Root Cause**
1. **Facebook In-App Browser Issue**:
– Facebook opens external links in a mini in-app browser, which may block or limit:
– Third-party cookies
– JavaScript execution
– LocalStorage/sessionStorage
– This can interfere with Stripe’s hosted fields, session tracking, or webhook callbacks.
2. **Customer not created properly** in Stripe:
– Payment method may not be attached to a customer (or was previously used without creating a customer).
– This breaks Stripe’s **reuse** rule for that card.
3. **Webhooks / Confirmation Failure**:
– Even if Stripe authorized the payment, if your WooCommerce site failed to receive the webhook or process the order, the customer may not receive an order confirmation.
—
### ✅ **What You Should Do (as Developer or Admin)**
#### 1. **Check Stripe Logs**
– Go to [Stripe Dashboard → Developers → Logs](https://dashboard.stripe.com/test/logs).
– Search for:
– Payment attempt by **Lynn Doyle**
– Her phone number or partial card details if available
– Look for the **status** of the transaction (likely `requires_customer` or `incomplete`)
– Confirm if `payment_intent` was created and failed due to customer attachment issues.
#### 2. **Check WooCommerce Orders**
– Search in **WooCommerce > Orders** for:
– Her name
– Phone number
– Date: July 14
– See if an order is marked as **"Failed"** or missing entirely.
#### 3. **Search by Customer Email or Meta**
– If you collect metadata or use session-based customer data, you can:
– Check if a **session expired prematurely**
– Or **webhook from Stripe didn’t fire or wasn’t received**
#### 4. **Check if Request Originated from Facebook**
– Use WooCommerce plugin (like WP Security Audit Log or a custom script) to log `HTTP_USER_AGENT` and `HTTP_REFERER`:
– Facebook in-app browser will have `User-Agent` like `FBAN/FBIOS; FBAV; FB_IAB`.
—
### 🔧 **How to Prevent This in Future**
#### Option A: Disable Checkout via Facebook In-App Browser
– Show a **banner or modal warning** users when Facebook browser is detected.
– Ask them to **open the site in Chrome or Safari**.
if (navigator.userAgent.includes('FBAN') || navigator.userAgent.includes('FBAV')) {
alert("For a smoother experience, please open this page in your default browser.");
}#### Option B: Always Attach Customers in Stripe
– When initializing a Stripe payment, ensure the `customer` object is created and attached before reusing any payment method.
// Example pseudocode
$customer = StripeCustomer::create([
'email' => $email,
'payment_method' => $paymentMethodId,
]);
$paymentIntent = StripePaymentIntent::create([
'amount' => $amount,
'currency' => 'eur',
'customer' => $customer->id,
'payment_method' => $paymentMethodId,
'off_session' => true,
'confirm' => true,
]);—
### 📞 **What to Tell the Customer (Lynn Doyle)**
> Hi Lynn,
> We sincerely apologize for the trouble you experienced. It appears the transaction was attempted through Facebook’s in-app browser, which can sometimes cause technical conflicts with our payment system.
> While your bank may have temporarily held the funds, the payment was not successfully processed, and no order was generated on our system.
> Your bank should automatically release the held amount within a few working days.
> We recommend trying again using your mobile or desktop browser (e.g., Chrome or Safari) directly via our website.
> Please let us know if you'd prefer us to reserve your tickets manually.
—
Would you like help drafting the message to Lynn or setting up Facebook browser detection on your site?
Issue and solution to client
—
Hi Lynn,
Thanks for reaching out. It looks like the payment attempt through Facebook’s in-app browser caused an error, and the order didn’t go through—even though your bank may have temporarily held the funds. This hold will be automatically released by your bank shortly.
Please try booking again directly via our website using a regular browser like Chrome or Safari. Let us know if you'd like us to assist with your booking.
Best regards,
[Fossettscircus Support]
—
Let me know if you want to personalize it further or add booking details.
—
### **Issue:**
A customer (Lynn Doyle) experienced a failed transaction while booking via Facebook's in-app browser. Although the payment was authorized by the bank, Stripe rejected it due to the payment method not being attached to a customer. No order was created, and no confirmation was sent.
This issue was previously reported and seems specific to bookings made through Facebook links.
—
—
### **Issue (Technical):**
The customer initiated a booking via Facebook’s in-app browser, which likely blocked key session or cookie data. As a result, during the Stripe checkout process, the payment method was not attached to a customer object. Stripe returned the error:
> *"The provided payment method was previously used without customer attachment…"*
Although the payment was authorized by the bank (resulting in a temporary hold), the `payment_intent` failed, and no WooCommerce order was created. Since webhook callbacks or session tracking may have been disrupted, the transaction wasn't finalized.
—
### **Solution:**
1. Implement Stripe logic that **always creates and attaches a customer** before confirming payment.
2. Add **user-agent detection** to identify Facebook in-app browsers and prompt users to open the site in a standard browser (e.g., Chrome/Safari).
3. Optionally log such transactions and failed webhook attempts for easier tracing.
—
Let me know if you’d like this added to the project documentation or if code changes are needed.