I have a notice in my Stripe panel about tokenization of card. We use Stripe with Foxy and Facebook so I am not sure where the issue lies. do you guys know about this? Is this something that needs to be addressed by me or foxy?
Good question. We don't make use of Stripe's tokenisation as we securely store the customers cards on our side, which is why you don't need that enabled for your store. Stripe is right there that it's better to not have the increased burden of managing card data - but by using FoxyCart we take that burden for you.
Unless you're handling credit cards elsewhere outside of FoxyCart, we take the PCI burden. We're Level 1 PCI compliant - more information on that here: https://wiki.foxycart.com/static/foxycart_security
Our PCI compliance should be enough for Stripe's support, as we're handling the credit card details. If not - let us know and we'd be happy to help out.
happycloud
Member
Good question. We don't make use of Stripe's tokenisation as we securely store the customers cards on our side, which is why you don't need that enabled for your store. Stripe is right there that it's better to not have the increased burden of managing card data - but by using FoxyCart we take that burden for you.
Unless you're handling credit cards elsewhere outside of FoxyCart, we take the PCI burden. We're Level 1 PCI compliant - more information on that here: https://wiki.foxycart.com/static/foxycart_security
What that means for you is that you fall into the lowest levels of requirements for PCI. You can see details of that here: http://wiki.foxycart.com/primer/security#pci_dsswhat_it_is_and_what_it_means_to_you
Our PCI compliance should be enough for Stripe's support, as we're handling the credit card details. If not - let us know and we'd be happy to help out.