Comment by twunde

8 years ago

On a similar note, I've seen one large client's PCI compliance team tell us that we couldn't use Stripe for their integration, primarily because it's seen as a payment processor for startups and not for the "enterprise." It didn't help that Stripe doesn't give out Merchant IDs. Additional risks have been that Stripe has made breaking changes without an api version update and the number of data issues/edge cases we've run into with automatic reconciliation reports.

2 comments

twunde

Reply
closeparen  8 years ago

What perception of market segment have to do with PCI compliance?

  • girvo  8 years ago

    Not much, but the assessors are human and often take into account subjective factors like that when making their determination. Or threaten to, which is as good as making it a part of their checklist. That’s here in Australia, anyway, about 5 years ago, nothing to do with stripe but they definitely cared about what our processors reputation looked like