Important note for Stripe Payment Integration Users: Due to changes in PCI-DSS compliance requirements set by Stripe, we have modified how payments are processed through the Stripe integration. This release went live on October 27th, 2015 and there are some important changes to be aware of which may affect your Forms and Data. For those integrating with a Stripe payment processor, please make note of the Action items and release notes outlined below.
Important details for Stripe Users
- Check your authentication. If you are using an old authentication method to connect Formstack and Stripe, you will need to re-authenticate by deleting and re-adding the integration to your Form. Users that require a re-authentication will be notified in the App and see a notice in their Stripe settings for any affected Forms. Re-authenticating will ensure your Form can connect with the Stripe API endpoints which is a requirement to process a successful payment.
- Understand how Credit Card data will be stored. Once these changes are live, Form owners will not have visibility to Credit Card details including Card Numbers and CVCs when the payment is processed through Stripe. Instead, only the last four digits of the billing card will be captured with the Submission. This will only affect Submissions going forward, data collected prior to the release will be unaffected.
What you can expect
- The interaction for the Form User will be completely on-Form. This means the Form Submitter will never be redirected away from the Form to make their payment via Stripe; they will simply fill out the Form and submit; Formstack/Stripe will take care of the rest. comment
- Payments and Submissions entered prior to October 27, 2015 will not be affected by these updates.
- This update only affects the Stripe integration, other payment processor integrations are not included in these changes.
- Forms integrating with Stripe will sanitize all credit card details in the Submissions therefore the credit card details will not be accessible through the Submission nor will they touch the Formstack servers.
The following flowchart can be used to assist in troubleshooting any failed payments through Stripe