The curl https://api.stripe.com/v1/tokens \
-u sk_test_qMabFX3j5ApELqUH8mEy6NDp: \
- d card [number]=4242424242424242 \
- d card 12 \ [exp_month]=
- d card [exp_year]=2019 \
- d card (CVC)=123
Or through
Stripe. ApiKey="sk_test_qMabFX3j5ApELqUH8mEy6NDp";
Map
Map
CardParams. Put (" number ", "4242424242424242");
CardParams. Put (" exp_month ", 6);
CardParams. Put (" exp_year ", 2019);
CardParams. Put (CVC ""," 314 ");
TokenParams. Put (" card ", cardParams);
Token. The create (tokenParams);
I saw the news on the dashboard: "we have seen over the past few days NNN request of the original credit card number"
My question is: 1) I can safely use Java API to create card token? If so, how to avoid this kind of news? 2) or I must use the Stripe element and their a script?
CodePudding user response:
If you use the server to create in Java card token, said your server receives the original card details. If you do not save the information in the database, you still need to comply with the higher level of PCI compliance, it will be a lot of work to abide by.Instead, you should use Elements or Checkout tag on the client. This will allow you to safely on the client to create A token, then sends the token to your server. This will also allow you to belong to the SAQ - A, this is the most simple PCI compliance level. You can reading about differences in the Stripe document here for more information.
CodePudding user response:
Hello, there is a problem request, convenient and direct messages