I was contacted by Stripe to let me know that this system is not PCI compliant.
The message states:
“After a review, we noticed that your Stripe integration is transparently sending credit card details through our API. Because personal card details pass through your server, your Stripe integration may not be secure enough to be PCI compliant1, which can have serious implications for your business.”
“If you have a few minutes, I’d love to learn more about your integration. We’d like to improve security for as many Stripe users as possible, so any details you can provide on any developer libraries or plugins you’re using would greatly help. To better understand your integration I’d like to ask how you currently interact with the Stripe API?”
“Going forward, you’ll need to modify your integration to tokenize card details2: by doing so, your customers can securely store their card details on our servers, which should resolve your PCI compliance issue. If you’re using an open-source library or PHP plugin, you can reach out to the maintainers of that library and ask them to provide a fix.”
“You can always use Stripe Elements3 or Checkout4 for a simple payments integration that securely shares card details between your customer and Stripe’s servers in exchange for a simple token. When you pair this with an SSL certificate on your server, you’ll be PCI compliant with minimum effort.”
I would appreciate your attention to this pressing matter.
I dont know why stripe would say that, since no credit card info is being sent directly to them. If you open up /gateways/stripe/ipn.php you will see that token is created using stripe API, which encrypts credit card info, afterwards client is created and transaction processed. There is no issue here, and on top of everything MMP is using the latest strip api, developed by them.
The only thing that you should do is use ssl, on checkout page.
is there an installation guide and a documentation?
In setup, I couldn’t change the location of the folder… it didn’t add the has mark as I have the files in foler1/folder2 ... help
Use, by you or one client, in a single end product which end users are not charged for. The total price includes the item price and a buyer fee.
Use, by you or one client, in a single end product which end users can be charged for. The total price includes the item price and a buyer fee.
View license details
Get it now and save up to $8.50
This item was featured on CodeCanyon
Unlimited downloads only
$29 p/m on Envato Elements
Download over 18,000 items now
Learn almost anything with
Envato Tuts+ for free
9000 free tutorials, 3000 paid courses
Designers matched perfectly to
you on Envato Studio
2000 artists ready to undertake your work