|
|
|
|
|
|
by Artemis2
2855 days ago
|
|
|
Thanks for the detailed reply! There is indeed a lot to do with authentication/authorization (and things like audit logging…). I’ll look more at EnvKey later to understand the cryptography better. Stripe/other gateways do abstract most of PCI DSS from you, and will not return card data via API calls, so that somewhat sidesteps the compliance issue. |
|
|
All the crypto/security details are here btw: https://security.envkey.com/