Usually, the customer is redirected to the PayTabs payment page to perform the payment and, after completing it, whether it is authenticated, declined, or even canceled, is redirected back to your website. That is when the customer finds that the session has expired and that they have been logged out automatically.


In this article, you will learn about:


How to investigate the reason that caused this error?


Each time the customer is redirected back to your site, they are either taken to an empty cart or forced to log in again to proceed.



Reason #1: Your site still uses the old SameSite cookie standard (IETF 2016).

 

This means that this is a generic issue and outside PayTabs' scope. It is related to your website configuration (the SameSite cookie option).


The story began earlier in the 2020s, when web browsers started to apply new security updates that affect cookie usage after a redirect by any 3rd party integration (such as our service). We, as a 3rd party integration, cannot change the default cookie option for the main website and the other integrations.

 

What is this SameSite Cookie option?


The SameSite attribute on a cookie controls its cross-domain behavior. The SameSite update requires website owners to explicitly label the third-party cookies that can be used on other sites. Cookies without the proper labeling won’t work in the updated browsers (Chrome 84 and up, Firefox 69 and up).

The default value for SameSite will be "SameSite=Lax", which means cookies are only set when the domain in the URL of the browser matches the domain of the cookie — a first-party cookie.

And that will affect all integrations that depend on redirection to another website.

 

So, in conclusion, this issue must be handled by your technical team or the eCommerce support team itself.


If you are using our Magento plugin, we recommend checking the published solution (or this solution) announced for this issue on their forums. If you are using the .NET framework, you may want to look this up further in the .NET forums and related support articles.

 

But if you are customizing your own solution based on our PT2 API Endpoints, you can pass your session information within a pre-defined parameter to PayTabs, and PayTabs will pass it back to you in the response after the payment. To know more about this, please check our Send & Receive Pre-Defined User Fields solution article.
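
One way to build the value you pass through the pre-defined parameter, as an added example that is not PayTabs' code: a signed, expiring token that carries a session reference bound to the cart and is checked when the customer returns. The function names, the key and the 15-minute lifetime are assumptions; the parameter name itself comes from the PayTabs article mentioned above.

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed demo key; in production load a random key from your secret store.
SECRET_KEY = b"constructed-demo-key-not-for-production"
MAX_AGE_SECONDS = 15 * 60  # assumed upper bound on how long a payment takes


def b64u_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def b64u_decode(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_return_token(session_ref, cart_id, now=None):
    """Build the value sent to the gateway in the pre-defined parameter.

    session_ref is a server-side lookup key for the customer's session,
    not the session cookie value itself (hypothetical name).
    """
    issued_at = int(time.time() if now is None else now)
    payload = json.dumps(
        {"sid": session_ref, "cart": cart_id, "iat": issued_at},
        separators=(",", ":"), sort_keys=True,
    ).encode("utf-8")
    tag = hmac.new(SECRET_KEY, payload, hashlib.sha256).digest()
    return b64u_encode(payload) + "." + b64u_encode(tag)


def verify_return_token(token, expected_cart_id, now=None):
    """Return the session reference, or None if the token is not acceptable."""
    try:
        body, tag = token.split(".")
        payload, given_tag = b64u_decode(body), b64u_decode(tag)
    except (ValueError, AttributeError):
        return None  # malformed or missing field
    good_tag = hmac.new(SECRET_KEY, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(given_tag, good_tag):
        return None  # altered in transit or not issued by this site
    claims = json.loads(payload)
    current = time.time() if now is None else now
    if not 0 <= current - claims["iat"] <= MAX_AGE_SECONDS:
        return None  # expired
    if claims["cart"] != expected_cart_id:
        return None  # token belongs to a different order
    return claims["sid"]
```

Compare `expected_cart_id` against the order identifier reported in the payment response, and restore the session only when `verify_return_token` returns a reference.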