Incident Report: Error message shown on payment attempt
Thursday, September 06, 2018
On August 31st, a participant attempted to pay for an event. However, upon submitting their credit card details, Doorkeeper crashed, showing them a generic error message. The participant then contacted us about the error, and asked us to confirm their payment status.
Upon investigation by Doorkeeper, we confirmed the charge didn't go through, and so we manually reattempted to charge their credit card. As the reattempt was successful, we issued a ticket to the participant, and let them know the issue was successfully resolved.
This report is in accordance with our previously announced policy to publicly disclose any issues related to event registration.
Incident Timeline
2018-08-31
The participant submits their credit card details information via Stripe, which returns us a token. Upon using that token to create a charge, Stripe's API returns an error indicating something went wrong on their side. As Doorkeeper doesn't explicitly handle that type of error, we show the participant a generic error message. This also triggers an automatic alert informing us of the problem.
Upon seeing the error message, the participant contacts Doorkeeper about the problem. Doorkeeper confirms that the charge hadn't gone through successfully. Doorkeeper removes the "processing payment" state from the registration, so that the participant is no longer be blocked from going through the payment process. We contact the participant, asking them to complete prepayment once more.
Doorkeeper contacts Stripe, asking how we can better handle issues like this in the future. Stripe replies, pointing out that we could retry the charge attempt.
Doorkeeper confirms that the participant hasn't yet gone through the payment process again. Because of this, we reattempt the charge, which this time goes through successfully, and so we issue a ticket to the participant. We contact the participant once more, telling them we were able to successfully charge their credit card, so they don't need to go through the payment process again after all. Doorkeeper also contacts the organizer of the event, informing them of the issue and our resolution to it.
2018-09-04
Doorkeeper introduces improved error handling for when Stripe's API returns previously unhandled error codes.
Root cause and remediation
When using the token we received from Stripe to attempt to charge a participant, Stripe's API returned an error with the code api_error
, indicating something went wrong on their side. As Doorkeeper didn't explicitly handle that type of error, our application crashed, showing a generic error message.
According to Stripe's documentation, "API errors cover any other type of problem (e.g., a temporary problem with Stripe's servers), and are extremely uncommon". Indeed, since Doorkeeper has introduced Stripe, we've only received one on one other occasion in February of 2016. That being said, Doorkeeper should have handled this error more gracefully.
With errors like this, we have two competing goals. On the one hand, we want to be able to resolve them as quickly as possible, ideally with no intervention on Doorkeeper's side. On the other hand, we don't want to make the situation worse, and end up charging the participant multiple times for instance.
Because errors like this are so rare, we've decided to not implement an automatic method of reattempting to charge a participant should we experience an error like this. Rather, we'll show a message to the participant indicating that we're processing their payment, and automatically send us an alert about the problem. We've also added documentation that clearly indicates how we should handle this situation, which will help us to quickly address similar problems in the future.