|
|
|
|
|
|
by james-singh
4943 days ago
|
|
|
https://stripe.com/us/terms 8. Data Security: You are fully responsible for the security of data on your website or otherwise in your possession. You agree to comply with all applicable state and federal laws and rules in connection with your collection, security and dissemination of any personal, financial, Card, or transaction information (defined as “Data”) on your website. You agree that at all times you shall be compliant with the Payment Card Industry Data Security Standards (PCI-DSS) and the Payment Application Data Security Standards (PA-DSS), as applicable. You agree to promptly provide us with documentation evidencing your compliance with PCI DSS and/or PA DSS if requested by us. You also agree that you will use only PCI compliant service providers in connection with the storage, or transmission of Card Data defined as a cardholder’s account number, expiration date, and CVV2. You must not store CVV2 data at any time. Information on the PCI DSS can be found on the PCI Council’s website. It is your responsibility to comply with these standards. What this means is once you make a payment, you are at the mercy of the vendor you're making payment to. If the vendor does anything mischievous (which shouldn't be difficult at all), you're on your own. :) |
|
|