[mLuby]

> DON'T TRUST THIRD PARTY

This is a good policy when ALL first parties meet a certain (regulatory) bar. For banks, I assume that bar is "don't become insolvent" and more recently "don't lend money to terrorists."

The problem is that, as we've seen from the countless hacks in recent years, the first parties are NOT all meeting the bar when it comes to security, namely "don't leak (or abuse) users' private personal info."

And that's unfortunate, because a lot of the time, all a company really needs to know is a "does the registered account correspond (uniquely) to a real human (with certain legal characteristics)." Sometimes they need to know for compliance reasons ("our users are adults" or "aren't terrorists") and other times for uniqueness/fraud reasons ("We want to reduce spam accounts" or "we're paying users $10 to sign up and so need to make sure users aren't signing up multiple times.") It'd be great to be able to answer those questions without having to protect all that personal data that goes into answering it, similar to credit cards.

But your main point stands: if Stripe is allowing companies access to the collected data, then from a security point of view it's little better than having the companies collect and store it themselves. Hopefully Stripe explains their reasoning, or even better, course-corrects early in this launch.