Support

Home Forums Event Espresso Premium Stripe and PCI compliance

Stripe and PCI compliance

Posted: December 9, 2020 at 9:33 am


Mark James

December 9, 2020 at 9:33 am

Hi

I am trying to work out exactly what is needed for using the Stripe addon. I am used to using the stripe addon for Gravity forms which uses webhooks and the credit card information never touches the hosting server.

Is this the same case with event espresso? Can I get away with having a TLS certificate and making the site the only site on the server? Or do I need a PCI compliance audit?

Many thanks

Mark


Tony

  • Support Staff

December 9, 2020 at 1:10 pm

Hi there,

We have 2 integration methods with Stripe which are Checkout and Elements, both of which require SAQ-A level compliance (Elements supports PSD2, Checkout is now considered deprecated by Stripe and does not). However, it also depends on the volume of transactions taken on your site, see:

https://stripe.com/en-gb/guides/pci-compliance

Can I get away with having a TLS certificate and making the site the only site on the server?

May I ask what level of compliance you believe that would be?

Or do I need a PCI compliance audit?

Unless your using on-site payment methods and/or processing 6million transactions per year (putting you in level 1) it’s unlikely you need an audit and just and SAQ should be fine, note they do include network scans from an approved vendor.

The support post ‘Stripe and PCI compliance’ is closed to new replies.

Have a question about this support post? Create a new support post in our support forums and include a link to this existing support post so we can help you.

Support forum for Event Espresso 3 and Event Espresso 4.
Documentation for EE3 and EE4
Documentation for Event Espresso 3 Documentation for Event Espresso 4

Status: closed

Updated by  Tony 2 months, 2 weeks ago ago

Topic Tags

Notifications

This topic is: not resolved
Do NOT follow this link or you will be banned from the site!