PCI Compliance

All store owners wishing to process credit card transactions should be familiar with PCI Compliance. Spree Gateway Stripe integration and Spree Braintree vzero are PCI-compliant.

Using payment tokens

We do not transmit or store Credit Card numbers. Instead we're using payment processor tokens supplied by their SDKs to authorize and charge customer cards.

3-D Secure and Strong Customer Authentication support

​Spree Gateway Stripe integration supports Strong Customer Authentication (SCA) out of the box. Remember to use Stripe Elements gateway with Payment Intents option enabled.
​Spree Braintree vzero extension supports 3D Secure 2.0.