On Fri, Sep 02, 2016 at 11:18:43PM -0700, Aaron Wolf wrote: > Update: I checked with Crowd Supply what they do… > > They say they simply have a form that doesn't use any JS, they > process the form data server-side and send to stripe via Stripe's > API, and they never store any payment data to disk so avoid any > extra compliance burden.
Yeah, but, they have to go through the extra bureaucracy of claiming they don't store payment data, and that their logs don't accidentally capture it somehow (as well as making sure that never ever happens). I imagine it's all self-enforced, but we really don't have the bandwidth to deal with any challenges to our claims. We can switch to that method eventually, of course, once we feel we have the bandwidth to deal with potential complications.
Description: Digital signature
_______________________________________________ Discuss mailing list Discuss@lists.snowdrift.coop https://lists.snowdrift.coop/mailman/listinfo/discuss