Can someone confirm whether these statements on the matter is correct please?
1. Blesta's Stripe Gateway will currently send through the card details to the Stripe server but will not store them locally.
2. If I have a SSL certificate on my Blesta install the card details are encrypted when they are submitted and sent to Blesta.
3. This means my customers are safe and I am safe from potential legal fines.
Is this correct? O the Stripe website support.stripe.com/questions/do-i-need-to-be-pci-compliant-what-do-i-have-to-do it seems like this is all that needs doing to make them happy.
Has anyone got any comments, observations or advice?