I am setting up an e-commerce store using Stripe as the payment system. From a security standpoint, do I need to use SSL for the rest of the store if the checkout goes through Stripe, which is secured with SSL?
Share
Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I am setting up an e-commerce store using Stripe as the payment system. From a security standpoint, do I need to use SSL for the rest of the store if the checkout goes through Stripe, which is secured with SSL?
Sure. Beside the payment data, the information and password of the user account should be protected too. Without SSL, browser will post username and password to server for identity checking when users login to your site, there are opportunities that data packages might be sniffed by hackers. Although the password had been encrypted, hackers still has a chance to decrypt it. So you must use SSL for the http transfer.
ps: startssl.com provides free level 1 SSL certificates of domain and email.