Both Stripe and Braintree require you to use SSL (really TLS) on your checkout pages. They also both require you maintain PCI compliance (although you likely qualify for a reduce set of requirements).
They 'require' it, but it is still possible to use the service without SSL. At least it was possible on stripe a few months ago. I'm not sure if they end up cutting you off after they notice the non ssl traffic, but I setup some test apps that worked fine without ssl.