The Community forums are being phased out in favor of a new Slack group.
Add your email address below to get an invitation to join the community slack group

Help Desk

Quick Links

New Discussion

Stripe Payments

February 5, 2018 at 6:39 am

The way I understand the Stripe addon is that I collect the users credit card number - why doesn't that mean I need to get PCI compliant etc.?

I like the idea and convenience but I worry about the security.

vfontjr
February 5, 2018 at 9:18 am

CC numbers are not stored on your site. The details are collected directly by Stripe through their API and transaction results are returned to the site. Even though, Stripe is handling the payments details, I have a client in California that was recently audited and the state forced them to have a PCI compliant site even though they were not storing CC numbers in their database. Luckily, they are hosted on SiteGround. SiteGround's Go Geek and higher hosting accounts are guaranteed to be PCI compliant if you have a SSL certificate and dedicated IP address. All we had to do is add the dedicated IP address. It's better to be safe than sorry.

Bob Webb
February 6, 2018 at 12:22 am

Thanks for the info - it does seem like the best/right way of utilising this is by getting yourself in a PCI compliant position which reduces the attractiveness of the option.

Discussion closed.

Quick Links

Labels

Notifications