In conjunction with Stripe's recent upgrade to their system, Rezdy has made an update to be in compliance with Stripe Elements. Stripe has sent out an email advising of the following:
We noticed that you are passing your cardholder's full credit card number to Stripe's API. We strongly discourage you from handling this information directly because doing so:
- Potentially exposes your customer's sensitive data to bad actors
- Excludes your payments from protection by Radar, Stripe's fraud protection solution
- Requires your business to meet complex and burdensome PCI compliance requirements
To keep your customer's information safe, we were unable to process the unsafe charge you just sent us. In order to process payments securely on Stripe, change your integration to collect payment information using tokenization. Tokenization ensures that no sensitive card data ever needs to touch your server.
In rare cases, you may have to continue handling full credit card information directly. If this applies to you, you can enable unsafe processing in your dashboard.
If you have enabled this option within your Stripe Dashboard, we strongly recommend that you disable this feature by going into Business Settings > Integration > disable Process payments unsafely
Once this is done, you'll need to obtain the Secret Key and Publishable Key. To do this, go back to your Dashboard
- Click API
- Copy both the Live Publishable and Secret Keys and paste into your Rezdy > Online Payments page. Click Here for more information.
If you need further help with this, feel free to contact our Support Team.