gewa13 supports this item


1823 comments found.

Hi there,

I was contacted by Stripe to let me know that this system is not PCI compliant.

The message states: “After a review, we noticed that your Stripe integration is transparently sending credit card details through our API. Because personal card details pass through your server, your Stripe integration may not be secure enough to be PCI compliant1, which can have serious implications for your business.”

“If you have a few minutes, I’d love to learn more about your integration. We’d like to improve security for as many Stripe users as possible, so any details you can provide on any developer libraries or plugins you’re using would greatly help. To better understand your integration I’d like to ask how you currently interact with the Stripe API?”

“Going forward, you’ll need to modify your integration to tokenize card details2: by doing so, your customers can securely store their card details on our servers, which should resolve your PCI compliance issue. If you’re using an open-source library or PHP plugin, you can reach out to the maintainers of that library and ask them to provide a fix.”

“You can always use Stripe Elements3 or Checkout4 for a simple payments integration that securely shares card details between your customer and Stripe’s servers in exchange for a simple token. When you pair this with an SSL certificate on your server, you’ll be PCI compliant with minimum effort.”

I would appreciate your attention to this pressing matter. S

I dont know why stripe would say that, since no credit card info is being sent directly to them. If you open up /gateways/stripe/ipn.php you will see that token is created using stripe API, which encrypts credit card info, afterwards client is created and transaction processed. There is no issue here, and on top of everything MMP is using the latest strip api, developed by them.
The only thing that you should do is use ssl, on checkout page.


is there an installation guide and a documentation?

Best regards


In setup, I couldn’t change the location of the folder… it didn’t add the has mark as I have the files in foler1/folder2 ... help