krutarth | Stripe Developers | Page 1

rapid tinselBOT May 4, 2023, 3:56 PM

#

pine garden May 4, 2023, 3:58 PM

#

I don't know what you mean by validity

regal matrix May 4, 2023, 3:58 PM

#

does clientSecret expires?

pine garden May 4, 2023, 3:59 PM

#

Not that I know of, no.

regal matrix May 4, 2023, 4:00 PM

#

So basically I would be able to store the clientSecret in the database and use it later right?

pine garden May 4, 2023, 4:01 PM

#

Yup!

regal matrix May 4, 2023, 4:02 PM

#

Alright, and if it gets leaked, what possible repurcussions may happen?

pine garden May 4, 2023, 4:11 PM

#

It's more or less available to people via the browser when they check out, so it's not entirely hidden all the time. It doesn't have a huge material impact most of the time, but some bad actors can use it to do card testing if you haven't used any other mitigation strategies: https://stripe.com/docs/disputes/prevention/card-testing

Protect yourself from card testing

Learn about this fraudulent activity and how to protect yourself against it.

#krutarth