PCI Complianceclick to copy hyperlink to this page

PCI DSS is the Payment Card Industry Data Security Standard. More information about this can be found here: link to wikipedia >

Stripe

We use Stripe Inc’s systems to process payment transactions. They make the following statement about their PCI compliance:

Is Stripe PCI compliant?     In a word - Yes

Stripe has been audited by a PCI-certified auditor, and has in turn been certified as a PCI Level 1 Service Provider, the most stringent level of certification available. You can confirm our certification in Visa’s registry of service providers.

Stripe is also a participant in the PCI Security Standards Council.” Stripe Inc. March 2014. Here’s a link to their statement… Stripe statement >

How we use Stripe:

Stripe provide a code module that has been integrated into our application to handle the payment card details provided by the customer. These details are sent directly to Stripe in an encrypted form.

The payment card details are not received by, and not held anywhere, on any of our servers. To be clear, we never receive and therefore cannot store the following items on our servers: Primary Account Number (PAN) or Card Verification Code (CVC).

The application does temporarily contain the PAN and CVC when entered by the app user until the card has been tokenised by Stripe. Once tokenised the application does not retain anything other than the last 4 digits of the card number so we can display this information enabling the customer to see which card is being used. The application also keeps the expiry date (which it never displays) so that it knows when to ask for new payment details once the old ones have expired. Both the expiry date and last 4 digits are stored in the devices encrypted password store and are only available for the applications use.

Stripe provides us with a token that is used by our server as a proxy for the actual payment card. This token can only be used by us through the Stripe service. The token is of no use to a third party and cannot be used as a credit card number.

NOTE: This page contains links to third party websites, we provide these links to assist you. We are not responsible for any information provided by these sites or for the consequences of acting on their content.

Last modified

  • Follow us
Frootly logo

Helping retailers get closer to their customers, by putting their shop right in their customer's pocket

© Copyright 2014-2018 - All rights reserved - Frootly is a service provided by Froothaus Limited

Top