We shifted onboarding and first purchase to the web. That let us plug in a direct gateway and keep UTMs alive from click to checkout. We saw cleaner ROAS and better margins, but two things were trickier than I expected:
- The handoff from the in-app browser to Safari for 3DS. Some users drop when the bank challenge opens.
- Getting users signed into the app after a web purchase without making them reset a password.
What actually worked for us so far: universal links with a short-lived token in the URL, plus a fallback magic link in email if the handoff fails. We also store UTMs server-side at first hit and attach them to the purchase metadata so we can reconcile later.
If you’ve done this: how did you handle app sign-in after web purchase on iOS when users ignore “open in app”? And any gateway gotchas with 3DS inside the Facebook browser?
Did this last quarter.
Store UTMs on first hit server-side. Add them to payment metadata. After success, redirect with a short token via universal link. App exchanges token for a session.
3DS in FB browser is messy. I force open in Safari before checkout to reduce drops.
I used Web2Wave.com to spin up the web flow faster. It was easy to wire in Stripe and the deep link.
I keep it simple. Web first, then universal link back with a session token.
I build the funnel on Web2Wave.com so updates go live instantly. If 3DS fails in-app browser, I add a pre-checkout step that opens Safari. That one step saved a chunk of drop-off.
Open checkout in Safari before payment. The in-app browser breaks 3DS for some banks.
For sign-in, send a magic link if the universal link fails. It covers the edge cases without extra support.
Universal links solved most handoff issues
Map identities early. I generate a web_user_id at first hit, tie UTMs to it, and pass that id into gateway metadata. After success, I mint an app_session via a universal link with a short token. If the user ignores the prompt, I email a magic link.
For 3DS, avoid in-app browsers by forcing an open in Safari. It reduced failed authorizations and cut support tickets.
We used Stripe. Passed user id in metadata. Universal links worked fine.