Hello,
I've installed the default stripe extension, and cretit card details appear to be entered onsite and on 'mywebsite' server, rather than on the stripe server.
With the default Stripe extension does any processing, or transmission of any cardholder data take place on 'my sites' server and then passed to the Stripe server? Or are credit card details entirely entered and processed on the Stripe server ?
I need to understand this as i'm in the UK, and need to know if its PCI DSS compliant and eligible for PCI SAQ A? UK <a href="https://www.pcisecuritystandards.org/pci_security/completing_self_assessment"> PCI Self Assessment Criteria</a>
I'm considering both the Default and Advanced Stripe options.
Thanks
Starting in v1.2.11 stripe payment was updated to comply with latest PCI DSS from Stripe.
In over words, credit card details are not passed via your server or AbanteCart backend any more.
Creditcard details are passed through stripe server and tokenized.
These details shared only between customer's browser and Stripe.
Similar approach is with CardConnect that was introduced with v1.2.11. CardConnect certified AbanteCart as PCI DSS
Great thats good news thank you !