[jdelsman]

It might be trivial to charge, but storing credit card details and remaining PCI compliant is a nightmare for businesses, especially at scale. Trust me -- getting audited and fined because you're not PCI complaint is much more expensive than giving the burden to another company like Stripe. Plus, Stripe is great because they don't hold your customers' data hostage.

[ianstallings]

But using a service like authorize.net usually means using their PCI-compliant storage in turn with their e-commerce service. How it works is basically the data does not have to pass through your servers exactly like stripe works. They store the data in their servers and you use a key to pass that data to the e-commerce mechanism, never seeing the actual data yourself.

If you're interested the service is called the Customer Information Manager. You can use it to store any secure data that you'd rather not be responsible for. I've used it to great success.

My main reason for my love affair with authorize.net? Recurring billing. They nailed it.

[sulife]

If 1% of your revenue is worth not spending a few hours to figure out BS PCI stuff I suggest you rethink your priorities or you're doing really low volume where 1% is like $5.

[Reebz]

It's not about figuring it out, the key thing here is transfer of risk. Its certainly won't be "bs" if you get a fine due to a breech.

[sulife]

There's about 5 million tutorials online how to do everything properly. < 1 day work for 1% of sales... HMMMMMMMMM. tough decision, not.

[zevyoura]

This kind of tone is generally looked down on here at HN. I think there's an argument to be made on your side, but you're doing an exceptionally poor job at making it in a civil and friendly way. I'm genuinely interested in the other side of the story, but you have to have the discussion in good faith.

[spitfire]

There is a good argument to be made on his side. But it's a business decision on what adds the most value for people.

For most people, they aren't (and don't want to be) experts in payment processing. Improving their product moves the needle by more than 1% for the same (or less) effort than spending time on payment processing.

[sulife]

Sorry for being honest. Would you prefer:

Stripe is an amazing service and their founders are amazing people. I wish I could blow them, but they probably wouldn't even let me b/c the VCs are already all over that. On the other hand, for people who enjoy saving money, becoming PCI compliant and saving 1% + trans fees is another alternative and there are numerous tutorials available to help anyone do that within a few hours even if you are severely autistic.

[pclark]

No need to be an ass. Also, it's business 101 to focus on your core and outsource the rest: so yes, it absolutely is worth using stripe rather than building payment architecture yourself. You are probably the only person on Hacker News that thinks building all this yourself makes sense.