Reputation: 3948
Is there a possibility that I'll make the Stripe payment in my app less secured due to wrong implementation?
I am trying to implement stripe in my app, and currently having a bit of a hard time. Like anything else I believe that eventually I'd be able to make it work, but my main concern is that I won't implement it properly, and as a result I'll make the payment less secure that it should be.
Is there a base to my concerns? The last thing I want is to compromise my users credit cards.
I am trying to use the standard implementation and collect the card details with their card input widget.
Upvotes: 0
Views: 61
Answers (2)
Reputation: 5470
If you're using Stripe's preferred integrations such as Elements or Checkout, raw card details are always handled within an iframe controlled by Stripe. As such they will never touch your server or be accessible to your code.
That said, there are other potential vulnerabilities in a web application to consider and mitigate (XSS, SQL injection, sanitation of user inputs, server mis-configs or outdated packages) but these aren't specific to collecting card details through Stripe.
Upvotes: 1
Reputation: 908
I don't think security should be a concern, that's what stripe is for. Improper implementation won't make it less secure. You just won't get the right response.
FYI - https://stripe.com/docs/security/stripe https://stripe.com/docs/security
As long as you follow the official documentation, you are good to go.
Upvotes: 1
Related Questions
- Stripe payment integration on Android
- Stripe Integration in Android Studio
- Stripe Connect Android
- Android + Stripe = Performing Idempotent Charge Requests?
- Android stripe receive payment?
- Is it safe to use a Stripe secret api key inside an Android app?
- Security concerns with using Stripe checkout over Cordova
- Is my customization to the stripe flow secure?
- Integrating stripe with android app
- Stripe payment gateway in android