Stripe Add-On / PCI Compliance

WordPress Event Management, Calendars & Registration Forums General Question Stripe Add-On / PCI Compliance

This topic contains 2 replies, has 2 voices, and was last updated by  Chris Dunst 8 months, 1 week ago.

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • February 27, 2023 at 3:02 pm #42425

    Hi Stephen,

    We have the Stripe add-on configured for a client, and I note your description of the Stripe add-on specifically mentions PCI compliance isn’t needed.

    Looking at the front-end payment fields, the inputs aren’t in small iframes as I’ve seen elsewhere for ‘hosted payment’ add-ons.

    Out of all the plugin authors we work with, I’d take your word on this over anyone’s – I just wanted to check there wasn’t an option I’d missed to toggle the way it operates (hosted vs pulling in iframes from Stripe’s servers)?

    Thanks in advance,
    Chris

    Chris Dunst
    April 6, 2024 at 5:23 pm #43797

    Hi Chris,

    Apologies I missed this forum post, but PCI compliance is handled by the Steipe library.

    The way it works is that the payment details entered are sent straight from the browser to Stripe which responds with a token, that token is all that is sent to your servers and is used to charge the card.

    So in short no credit card details are sent to your server

    Stephen Harris
    April 12, 2024 at 10:41 am #43823

    Hi Stephen, please ignore this thread now, it was my mistake.

    We were looking at an older version of the Stripe plugin on a different client’s site, and it didn’t have the iframes.

    We purchased another licence for the recent client, and this one does have the iframes as one would expect, so all good.

    Thanks for your help.

    Chris Dunst
  • Author
    Posts
Viewing 3 posts - 1 through 3 (of 3 total)
To enable me to focus on Pro customers, only users who have a valid license for the Pro add-on may post new topics or replies in this forum. If you have a valid license, please log-in or register an account using the e-mail address you purchased the license with. If you don't you can purchase one here. Or there's always the WordPress repository forum.