A Wholly Superficial Review of Stripe

Posted by on December 5, 2011
 

Processing credit cards is hard. I mean really, really hard. For someone like me who manages his own server, writes his own code, and tries to keep all the balls in the air, the idea of maintaining a PCI-compliant server gives me the heebie-jeebies. I’ve looked at other systems and as much as I hate to say it, up until now, PayPal has been the best option for small sites like mine. However, for code monkeys, a new option is now available, Stripe.

Stripe bills themselves as “payments for developers”; so right away, you know they have identified a group – me – that needs a service – payment processing – and is targeting just that group. I love their single-minded focus. I also love companies that don’t take themselves too seriously, and if you take a look at their FAQ, you begin to realize that even though their service is dead serious, maybe they aren’t.

So when I started hacking together a simple script to sell my new book online, I decided to give Stripe a chance, assuming I would fall back to PayPal all too soon. Not so this time. Using nothing more than their tutorial, I was able to start processing test transactions in about 20 minutes; that was incredibly cool.

To get going, you have to set up an account. This involves the normal churn of email address, password, etc. However, then they add a twist; you have to complete a test transaction. You can do so in the browser or use the curl code they supply to do it from your server.

Once you are verified, you are ready to process all the test transactions you want. Getting to the point where you can process real transactions takes a bit more information, though.

It would be silly of me to publish code here since everything you need to process a test transaction can be found in their “Forms Tutorial”. Complete that, and you can fire off test transactions, play with their code and mold it into something that can work for you. Once you have the front end working, follow through to their “Payment Tutorial”, and they will show you how to finish the transaction in either PHP, Ruby or Python. Seriously, 20 minutes of copy ‘n paste, and you’ve got a working system that you can dissect to see how it works and how you can integrate it into your system.

The thing I like most about Stripe is that it keeps the credit card information off my server totally; thus eliminating the need for it to be PCI-compliant. They encrypt the credit card number in JavaScript and send it to their own PCI-compliant server via an Ajax call. What comes back to you is a token representing the transaction. You send that token to your server and complete the transaction. It is a beautiful system, and I am honestly surprised someone hasn’t done it before. Then again, the best ideas are like that.

The only downside I have found so far – and this may be a deal killer for some – is that they hold your money for 7 days before paying. Given the ease of implementation and the convenience that Stripe provides, this is a limitation I am willing to live with, at least for this project.

If you need to incorporate payment processing into your system or are building out something that needs payment processing, you need to at least consider Stripe. It’s not right for every project – no tool is. It is however, a solid tool that you need to be aware of for future projects.


About the author—Cal Evans is a veteran of the browser wars. (BW-I, the big one) He has been programming for more years than he likes to remember but for the past [redacted] years he's been working strictly with PHP, MySQL and their friends. Cal regularly speaks at PHP users groups and conferences, writes articles and wanders the net looking for trouble to cause. He blogs on an "as he feels like it" basis at Postcards from my life.