george.segovia | Stripe Developers | Page 1

rugged sigilBOT Sep 15, 2023, 3:10 AM

#

ancient pumice Sep 15, 2023, 3:11 AM

#

Are you also updating your backend to use PaymentIntents API?

wind thicket Sep 15, 2023, 3:12 AM

#

Yes, I should have mentioned it as well 🙂

ancient pumice Sep 15, 2023, 3:14 AM

#

OK, Stripe.js v2 create sources object, and you can still use sources with PaymentIntents API

#

Having said that, it's recommended to update to v3 as soon as possible https://stripe.com/docs/stripe-js/elements/migrating

Migrating to Stripe Elements

Learn how to migrate your existing Stripe.js v2 checkout flow to Stripe Elements.

wind thicket Sep 15, 2023, 3:18 AM

#

Are you talking about the Sources API that has been marked as deprecated?

I am asking, since the whole effort to update to V3 is not use any deprecated APIs at all 🙂

ancient pumice Sep 15, 2023, 3:19 AM

#

Yes

#

Then you should use v3 instead of v2.

wind thicket Sep 15, 2023, 3:22 AM

#

Ideally, we would like to keep using the previous UI we already had built to collect the user's payment info.

However, I see that using a custom form to collect payment data, is not recommended: https://stripe.com/docs/security/guide#validating-pci-compliance

Can you confirm this ☝️ ?

ps. Trying to understand the effort needed and what would be the impact to our current UX flow

Integration security guide

Ensure PCI compliance and secure customer-server communications.

ancient pumice Sep 15, 2023, 3:25 AM

#

OK, if you want to use your own UI to collect senstive card information, you need to fulfil SAQ D requirement. This is the most difficult PCI compliance and I'd strongly suggest you to check with your compliance team whether it's worthy to go for this integration path.

wind thicket Sep 15, 2023, 3:38 AM

#

Otherwise we should use StripeElements?
Or even the individual fields exposed from Elements? i.e. stripe.elements.create('cardNumber') / `stripe.elements.create('cardExpiry')

#george.segovia