
Security

Overview

Security is a critical aspect of handling online payments. This plugin is designed with security in mind, ensuring that no sensitive payment data ever passes through your server. Instead, it leverages Stripe Checkout, which provides robust built-in security features such as fraud detection, PCI compliance, and tokenized transactions. However, there are additional steps implementers can take to further protect their payment system from misuse. Please read to the end.

Potential Risks

While Stripe offers strong security, online payment systems can still be targeted by malicious actors. Here are some common threats:

  • Card Testing – Fraudsters use automated scripts or bots to test stolen credit card details by making small transactions. If successful, they proceed to use the card for larger unauthorized purchases.
  • Identity Fraud – Attackers may attempt to impersonate legitimate users to make unauthorized transactions or gain access to services they are not entitled to.
  • Bot Abuse – Automated bots can rapidly attempt multiple transactions or exploit your checkout flow, leading to fraudulent charges and increased Stripe fees.

Security Measures & Mitigations

The plugin includes several built-in security features and best practices to mitigate these risks.

Stripe Checkout

The plugin uses Stripe Checkout, which means that all transactions are processed via the Stripe-hosted Checkout page. Its security features include:

  • PCI-compliant card handling – No card data is stored or processed on your server
  • Built-in fraud detection – Stripe’s machine-learning algorithms identify and block suspicious activity
  • 3D Secure Authentication – When required, Stripe enforces additional verification steps to confirm user identity
  • Stripe Radar Integration – Stripe Checkout includes fraud detection tools by default:
      • Standard Radar (Free for all accounts) – Automatically screens transactions for fraud and blocks high-risk payments.
      • Radar for Fraud Teams (Paid Add-On) – Provides advanced fraud detection, custom rules, and manual review tools.

Custom Rate Limiting

The plugin implements rate limiting based on IP addresses to reduce the risk of brute-force card testing by limiting the number of transactions attempted within a short period.
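
The per-IP limiting described above can be sketched as a sliding-window counter. This is an added example, not the plugin's own code; the class name, the limits, the in-memory store and the /64 bucketing of IPv6 clients are all assumptions.

```php
<?php
declare(strict_types=1);

// Added example; CheckoutRateLimiter is a hypothetical name, not part of the plugin.
final class CheckoutRateLimiter
{
    /** @var array<string, int[]> allowed-attempt timestamps per client key (in-memory for the demo) */
    private array $attempts = [];

    // Default limit and window are assumed values, not the plugin's settings.
    public function __construct(private int $maxAttempts = 5, private int $windowSeconds = 600) {}

    // Bucket IPv6 clients by /64: a single host usually controls the whole
    // prefix, so counting per full address would barely constrain it.
    public static function clientKey(string $ip): string
    {
        $packed = @inet_pton($ip);
        if ($packed === false) {
            return 'invalid'; // all malformed addresses share one bucket
        }
        if (strlen($packed) === 16) {
            $packed = substr($packed, 0, 8) . str_repeat("\0", 8);
        }
        return (string) inet_ntop($packed);
    }

    // Returns 0 if the attempt is allowed, otherwise the seconds to wait.
    public function check(string $ip, int $now): int
    {
        $key = self::clientKey($ip);
        $cutoff = $now - $this->windowSeconds;
        // Keep only attempts that are still inside the window.
        $recent = array_values(array_filter($this->attempts[$key] ?? [], fn (int $t): bool => $t > $cutoff));
        if (count($recent) >= $this->maxAttempts) {
            return $recent[0] + $this->windowSeconds - $now; // oldest attempt must age out first
        }
        $recent[] = $now;
        $this->attempts[$key] = $recent;
        return 0;
    }
}

// Constructed sample traffic: five checkout attempts from addresses in one IPv6 /64.
$limiter = new CheckoutRateLimiter(3, 60);
$t0 = 1700000000;
foreach ([0, 5, 10, 15, 70] as $offset) {
    $wait = $limiter->check('2001:db8::' . dechex($offset + 1), $t0 + $offset);
    echo $offset, 's: ', $wait === 0 ? 'allowed' : "blocked, retry in {$wait}s", PHP_EOL;
}
```

Pass the address of the connection itself, or one taken from a header set by a proxy you control, because client-supplied forwarding headers can be forged. In a real deployment the counters would live in a shared store rather than a PHP array, so that they persist across requests.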

Transaction Logging

Transaction Logging allows administrators to monitor and detect suspicious patterns early. For example:

  • Track transaction attempts: View logs of successful and failed payments
  • Identify high-risk users or IPs: Flag repeated failures or unusual activity
  • Monitor refund requests: Anomalies in refund behaviour can indicate fraud

Secure API Keys

The Stripe API keys are properly secured by:

  • Encrypting API keys prior to storing them in the database
  • Using separate keys for live and test environments
  • Never exposing API secret keys in client-side code

Webhook Validation

The Stripe API uses a REST interface, and all interactions with it are validated for authenticity according to best practice.

Further Measures You Can Take

In addition to the built-in safeguards, you should also consider:

Restricting Access to Payment Buttons

To prevent unauthorized or bot-driven transactions, consider restricting access to the payment button where possible. For example:

  • Logged-in Users Only – For membership-based sites, limit payment access to registered users
  • Role-based Access – Use WordPress roles to control who can initiate transactions

Rotate API Keys

Rotate keys periodically and revoke unused ones.

Monitor Stripe Alerts

Monitor Stripe Radar alerts and use Stripe’s built-in fraud detection and risk assessment tools.

Summary

By combining Stripe’s built-in security features with access control, rate limiting, and transaction logging, this plugin provides a secure and robust payment processing solution.

Implementers are encouraged to review Stripe’s best practices and continuously monitor payment activity to stay ahead of potential threats.
