For customers using Stripe payment gateway who also ensure all payment pages on your website are on HTTPS (SSL), MembershipWorks now uses Stripe Elements to tokenize credit card information. By using tokenized credit card data, Stripe will automatically pre-fill the SAQ A and Attestation of Compliance (AoC) for you, so no action is required on your part to submit proof of your PCI compliance.
To register the use of tokenized card processing with Stripe, sign in to your Stripe account and go to Business Settings > Compliance. Click “I’ve changed my setup”, then select “We only collect card details with tokenization” and “We use SSL on pages where we collect card details” and click “Submit”
Note: A HTTPS connection on your website payment pages is a pre-requisite for PCI compliance. If you do not have a SSL certificate or do not enforce HTTPS on your payment pages, you cannot be PCI compliant.
Comments are closed.