Verifying and validating requirements

To be eligible for the simplest form of PCI validation, SAQ A, only collect card information using Checkout, and Elements, or our mobile SDKs.

You can also make use of a third-party integration, such as an invoicing service or online marketplace, to ensure that you’re processing charges in a secure manner.

You are then responsible for ensuring the protection of card data in accordance with the PCI compliance requirements.

Stripe has been audited by an independent PCI Qualified Security Assessor (QSA) and is certified as a PCI Level 1 Service Provider.

If you only use our mobile SDKs or an Elements-based Web View, you can inform your PCI auditor that card numbers pass directly from your customers to Stripe.

Should you do otherwise, such as writing your own code to send card information to the Stripe API, you may be responsible for additional PCI DSS requirements (6.3 - 6.5) and not be eligible for an SAQ A.

These require that businesses use input fields hosted by a payments provider in order to be eligible for the simplest PCI validation method.

We’ve designed both Checkout and Elements with these changes in mind so that you can continue to validate using SAQ A without losing much of the flexibility and customizability of a form hosted on your website.

Search for verifying and validating requirements:

verifying and validating requirements-4

Leave a Reply

Your email address will not be published. Required fields are marked *

One thought on “verifying and validating requirements”

  1. This overview page of all females of Megacams contains all girls, milfs, matures and grannies. Down the page you can use the pagination to go to the next page instantly.