naveen_57769 | Stripe Developers | Page 1

craggy crestBOT Feb 1, 2024, 7:43 AM

#

Hello! We'll be with you shortly. Below are links to other discussions we've had with you in the past week in case you want to review that information. If your question is related to one of these previous discussions, please provide a comprehensive summary of the current state and what you need help with now. We help many users simultaneously, so a summary allows us to resolve your issue as soon as possible.

naveen_57769, 11 hours ago, 27 messages

keen parrot Feb 1, 2024, 7:43 AM

#

Hello

mellow jungle Feb 1, 2024, 7:44 AM

#

Are you PCI level 1 compliant or complete SAQ-D? Only when one of them is fulfilled, you are then eligible to collect raw card information to Stripe. Otherwise, card information should be collected by Stripe.js

#

Here's the security integration guide for your information: https://stripe.com/docs/security/guide

Integration security guide

Ensure PCI compliance and secure customer-server communications.

keen parrot Feb 1, 2024, 7:45 AM

#

Let me elaborate my query

#

Our client is having multiple number of Employees. He has also provided them with Prepaid master cards (Debit cards). These Employees use our client application as Software as a Service (SAAS). Now he needs to charge them a Subscription fee every month for using his application

#

Employee agree to T&C where Client can charge them subscription fee monthly

#

But this needs to happen Behind the scenes. Not like a Employee entering his card number, cvc, expiry and then going through 3D authentication

#

There should be no Employee interference

#

So now he is providing them cards, so even he has card details

#

So can you please in what way this can me made working ?

#

Is there any chance to roll the ball in this way ?

mellow jungle Feb 1, 2024, 7:54 AM

#

Tokenisation with Stripe with raw card details and further collecting payment is only possible if you are PCI level 1 compliant or complete SAQ-D

#

I'd recommend checking the guide here: https://support.stripe.com/questions/enabling-access-to-raw-card-data-apis

Enabling access to raw card data APIs : Stripe: Help & Support

Find help and support for Stripe. Our support site provides answers on all types of situations, including account information, charges and refunds, and subscriptions information. Get your questions answered and find international support for Stripe.

keen parrot Feb 1, 2024, 7:56 AM

#

But this needs us to be PCI complaint right ?

#

and it's confirm that he is not going to take that

#

Then what way do you recommed ?

mellow jungle Feb 1, 2024, 8:00 AM

#

The only possible way is to have their employees to enter the card details manually via Stripe.js to tokenise the card details and perform 3DS if needed

keen parrot Feb 1, 2024, 8:03 AM

#

So i have another query

#

If i have all this tokenized debit/credit card information, can i make subscription payments using server side code flow

mellow jungle Feb 1, 2024, 8:04 AM

#

Yes!

keen parrot Feb 1, 2024, 8:04 AM

#

There is another 3rd party service which tokenizes card details

#

This service returns all tokens of card information

#

So now i can use this token and make stripe payments, right ?

mellow jungle Feb 1, 2024, 8:07 AM

#

If the third party integrate with Stripe that is eligible to tokenise raw card details and return a tokenised payment method ID (pm_xxx), then yes - the payment method can be used to attach to a customer and make Stripe payments

keen parrot Feb 1, 2024, 8:08 AM

#

Could you send me some references to go through...

mellow jungle Feb 1, 2024, 8:12 AM

#

This channel is for direct technical integration and we don't know how third party integration works

#

I'm afraid we don't have any references or doc to share

#naveen_57769