Comment by GeneralTspoon
2 years ago
You don't send anything to the merchant. The information goes directly to the PSP and the PSP sends a token to the merchant.
This usually works by the PSP embedding iframes for the CC fields on the merchants site (so you're inputting directly to e.g. stripe.com)
People use Stripe’s forms because they’re convenient. It’s not a requirement in any way. Stripe provides APIs to build everything in their provided forms so you can build the functionality into your own site easily.
You are apparently not working in eCommerce and don't seem to know how 99% of merchants work nowadays. Merchants don't integrate by calling the Stripe API. They use a platform and those integrations are built-in. The amount of merchants that are actually building their own integration to Stripe API is a very small %, and majority of them would be very large retailers that have the staff to create their own ecom platform and are PCI compliant. Small/medium retailers for the most part are not working that way.
Again, merchants don’t integrate by calling Stripe APIs directly out of convenience. It’s more convenient to use an out of the box solution. But from a technical perspective, nothing is stopping a merchant from accepting your CC details directly.
2 replies →
That's like saying you can't steal from the grocery store because 99% of people don't steal from the grocery store.