PCI Compliance

All store owners wishing to process credit card transactions should be familiar with PCI Compliance. Spree Gateway Stripe integration and Spree Braintree vzero are PCI-compliant.

Using payment tokens

We do not transmit or store Credit Card numbers. Instead we're using payment processor tokens supplied by their SDKs to authorize and charge customer cards.

3-D Secure and Strong Customer Authentication support

Spree Gateway Stripe integration supports Strong Customer Authentication (SCA) out of the box. Remember to use Stripe Elements gateway with Payment Intents option enabled.
Spree Braintree vzero extension supports 3D Secure 2.0.