Jump to content

bw1

Members
  • Posts

    3
  • Joined

  • Last visited

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

bw1's Achievements

Newbie

Newbie (1/14)

4

Reputation

  1. I found the Stripe Plus Gateway - It looks promising and initial testing looks like it uses Stripe properly Seems to be somewhat more updated. I unchecked the "process payments unsafely" in Stripe, set this up and it's able to save credit cards (test) and process payments. It appears to be done quite well. I perfectly fine using a 3rd party gateway especially if it's more up to date. Also could this help the Blesta devs implement it as a solution? Because it doesn't look like @Cherry rewrote the whole payment system, just implemented the Stripe gateway as it should have been done in the first place. I haven't dug into the code or anything to see how it works but this is looking promising again. My only worry is using this gateway and some day converting back to the blesta gateway and having trouble linking up tokens, etc.
  2. I agree with katycomputer. Tyson - it seems like the Blesta team is just trying to blow this off like it's normal. I get it that many direct merchant accounts operate like this and require more for PCI compliance but I think one of the reasons so many people go with Stripe is so that isn't worry. It should be very obvious to the devs when they have to instruct users to go change the "not reccomended" setting in their Stripe account in order for this to work. I think changing the gateway to comply should be pretty straight forward. I realize I'm not a dev but knowing about this for a long time it should have been done by now. Especially with the warning starting in October from Stripe. @katycomputer I think this is exactly what will happen. If Stripe figures out you are using the gateway this way, they will eventually require the FULL PCI documentation and if not completed will stop processing transactions @Tyson - Any thoughts on how soon this could get fixed??
  3. I see that the Stripe gateway does use tokens, but one thing I have been searching for and isn't answered, or stated plainly anywhere is: Does your server need to be PCI compliant if you use the Stripe gateway? By the looks of it and according to Stripe it does. The Blesta Stripe gateway sends CC numbers directly with the API which is not the assumption when using the Stripe gateway as most platforms that have Stripe integration send credit card numbers via Stripe.js or Stripe Checkout. Is there any progress on this so Stripe can be used without having to enable the "not recommended" setting in Stripe and having to be PCI compliant? I think this could be done pretty easily and not change much in the back end but previous posts make it seem like it's a huge task. I think this clarified could help a ton.
×
×
  • Create New...