When using Stripe with a HostedPCI option in the Elevate Payment Processor Options.
Be aware that Stripe has a warning when used with HostedPCI. Stripe warns that they can't guarantee that the payment is secure because the security and PCI compliance and tokenization is handled by HPCI, instead of by Stripe.
The HostedPCI then securely passes just the encrypted data they need to process the card, to Stripe.
This does not in any way lessen the security of the transaction
Here Stripe outlines the steps that need to 1st happen on their end to enable this functionality: https://support.stripe.com/questions/enabling-access-to-raw-card-data-apis
Once they have enabled access -
The following Stripe Account Settings will need to be changed:
- In the Stripe dashboard go to Settings and then to Integration.
- Toggle the setting for Handle card information directly (Fig. 1)
Fig. 1 - Handle Card Information Directly
- This will load a popup window (Fig. 2) with three checkboxes, check each one and for the final one, in the dropdown that appears select “I collected payment information securely through a PCI compliant third party vendor”, and specify “HostedPCI” in the textbox.
Fig. 2 - Popup Window
- Select “Continue” to save the settings.
Not making these changes in the Stripe account will result in the following error when a credit card payment is attempted.
Fig. 3 - Error
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article