[LocalPCGuy]

> if Stripe is dead, return fake success

Just a thought, might want to make sure that cannot be exploited by blocking the Stripe API when someone logs into your app?

[shkkmo]

I would assume that the check is

1) made server side, so can't be blocked by the client

2) only made to prompt people to update their payment info if needed

[jonstaab]

Correct, the check is server-side. Nothing the client can do about it.

[cruano]

Except for DOS attacks to Stripe /s

[XMPPwocky]

That'd only work if the client/web page is doing the API calls, not if the backend was doing them, right?