Keeping credit card information safe with Parse or Stripe
Question
I am working on a app that I need to store credit card information. Would it be safe to use the Parse ACL like this?
PFObject *privateNote = [PFObject objectWithClassName:@"_User"];
privateNote[@"creditCard"] = @1234;
privateNote.ACL = [PFACL ACLWithUser:[PFUser currentUser]];
[privateNote saveInBackground];
1 answers
solution1
0 ACCPTED 2016-07-25 09:56:57
Handling raw card information (ie card numbers) yourself would require you to be PCI certified, which is a long and costly process and not a viable option for most entities.
Stripe and other modern payment processors make it easy to be PCI compliant by providing means to send the payment information directly from the customer to the payment processor, without the merchant (ie you) having direct access to the PCI-sensitive information. You should definitely let Stripe (or another payment processor) handle the card information for you.
(Disclaimer: I work for Stripe.)
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.