On Mon, 10 Jul 2017 14:18:53 -0700
Aaron Wolf <aa...@snowdrift.coop> wrote:

> The real long-term solution is what CrowdSupply does: They accept the
> financial details on their front-end using only free software and then
> have the server send the information to Stripe using Stripe's API and
> without *ever* storing the info. This still means touching the financial
> details, so it comes with security overhead that we haven't been able to
> handle at this time with our limited resources. But this is the solution.

Sure, I never intended to imply otherwise, I agree it's better than needing to
store the sensitive data ourselves. But yes, it would turn Snowdrift into a
*transmitter*  of card data, which right now it isn't (afaik).

Attachment: pgp_wNnhJrAJ8.pgp
Description: OpenPGP digital signature

Discuss mailing list

Reply via email to