hi guys,
we're getting the following notice from stripe. they literally aren't processing our payment because of your integration method. we only got this since the last update of cbsubs. i don't know if something is different but PLEASE help us with this. we have large events coming up tomorrow and we cannot even accept payments!
Hello there, and welcome to Stripe!
We noticed that you are passing your cardholder's full credit card number to Stripe's API. We strongly discourage you from handling this information directly because doing so:
Potentially exposes your customer's sensitive data to bad actors
Excludes your payments from protection by Radar, Stripe's fraud protection solution
Requires your business to meet complex and burdensome PCI compliance requirements
To keep your customer's information safe, we were unable to process the unsafe charge you just sent us. In order to process payments securely on Stripe, change your integration to collect payment information using tokenization. Tokenization ensures that no sensitive card data ever needs to touch your server.
In rare cases, you may have to continue handling full credit card information directly. If this applies to you, you can enable unsafe processing in your dashboard.
For any questions, just reply to this email and we'd be happy to help.
Yours,
The Stripe Team
Stripe, 185 Berry Street, Suite 550, San Francisco CA 94107
krileon
