15Oca
Is it financialy safe to use stripe for payment processing with http?
Stripe.com is a service allowing to outsource the process of payment processing. In a similar way than Oauth this work by exchanging tokens.
Of course, running one’s website on an unencrypted connection is very bad. But what about stripe ? Is it possible to catch a redirect and use payment made by someone else on a different account or are payment redirect tied to the person having initiated it ?
In the later case, this means beside getting amount being spent or stealing cookies, no money can be stolen directly unlike when the process doesn’t use a payment gateway where debit card or other banking details are leaked.
