Stripe Payment Changes (Stripe.js PCI Compliance Validation)

Tuan, there is a note in my Stripe dashboard talking about PCI compliance and changes made by the PCI security standards council. see message below

Upgrade your integration for easier PCI compliance
We strongly recommend that you migrate your checkout flow to Stripe Elements, Checkout, one of our mobile libraries, or one of our partner platforms in order to minimize your PCI scope. If you upgrade, Stripe pre-fills your PCI documentation for you. With your current setup, you'll need to provide your own documentation in the next step.

my question to you is EB using stripe.js if yes do you plan and upgrading to stripe elements or Checkout to fulfill the new PCI Compliance requirements?

Hi

Yes. Events Booking uses Stripe JS, not Stripe Elements yet. However, as it's required by Stripe, I think I will add support for it. Give me few more weeks, I will update you when it's implemented

Regards,

Tuan

Hello Tuan,

Is there any update on using Stripe Elements for processing in the payment plugins? Stripe is insisting on it's use for easy PCI compliance.

Hi Teresa

We actually have it supported sometime ago. You just need to download latest version of the payment plugin, update it to your site. Then click on os_stripe payment plugin to edit, set Use Stripe Element parameter to Yes and it should work as expected

Regards,

Tuan

Tuan Pham Ngoc wrote: We actually have it supported sometime ago. You just need to download latest version of the payment plugin, update it to your site. Then click on os_stripe payment plugin to edit, set Use Stripe Element parameter to Yes and it should work as expected

Hi Tuan, I've just updated to the latest version of the plugin (BTW: it's difficult to figure out with this plugin if an update is required or not as the version number is not shown on your site), and enabled Stripe Element, but the payment details field, i.e. the stripe element doesn't show on my checkout page, so registration is impossible

I have disabled it again, and my site is working normally again, but for easy PCI Compliance, I would like to get Stripe Elements working. Thanks for the help.

I have Joomla 3.8.11 and EB 3.6.0.

Thanks,
Donal

Hi Donal

Stripe element option works very well. Maybe it doesn't work because you customized registration form (implemented using override) and that's why it doesn't work?

Try to check PATH_TO_TEMPLATE/html/com_eventbooking folder, if you see register folder there, try to rename that folder to something else and check it again. It should work fine

Regards,

Tuan

Thanks Tuan, that fixed the issue.

Just one question: The name of the card holder has been removed from the stripe payment form. Is cardholder name now not a necessary field?

I only ask because I have removed all personal info from the deposit completion page.

I have read the Stripe documentation, but its not specifically mentioned. I'm guessing that the name is no longer sent to Stripe for validation, but I'd love to hear confirmation from you.

Thanks,
Donal

Hi Donal

Yes, you are correct. For some reasons, when we use Stripe Card Element, Stripe doesn't require Card Holder Name anymore

Just card number, expiration date, CVV code and zip code.

Tuan

Hi,

Is there a way to translate texts when using Stripe Card Element on a multilanguage site?

Rgds,

Petter

Sadly, it's generated by Stripe and we don't have a way to change it

Tuan