0

currently I'm using the node stripe implementation

https://github.com/stripe/stripe-node

this implementation gives me error,

Sending credit card numbers directly to the Stripe API is generally unsafe. We suggest you use test tokens that map to the test card you are using

so I need to user stripe.createToken(); in order to do safe payment or need to configure the stripe account to allow unsafe payments which will be additional task.

how can I implement stripe.createToken(); with Node Js. I couldn't find any hints related to this. additionally only I have found stripe elements and JavaScript codes which can only be implemented from the front-end.

Dilakshan Sooriyanathan
  • 145
  • 3
  • 16

1 Answers1

0

I couldn't find any hints related to this. additionally only I have found stripe elements and JavaScript codes which can only be implemented from the front-end.

In almost all cases it is a bad idea to try to tokenize the card on your server side(i.e from Node). If you have the raw credit card number on your server, you open yourself up to issues with PCI compliance(see the section under Directly to the API) and potential attacks. That's one of the main reasons to use Stripe, it means that you don't need to store and process sensitive credit card data yourself, you just deal with tokens.

It's highly recommended that you always tokenize on the client side, using Checkouts or Elements. That way the frontend speaks directly to Stripe and your code never sees and sensitive credit card information. There are other advantages to using those technologies, such as improved fraud protection and supporting alternative payment methods such as mobile payments(Apple Pay/Google Pay) easily as well.

karllekko
  • 5,648
  • 1
  • 15
  • 19