Encryption is the process of scrambling data into an unreadable format (called ciphertext) using an algorithm and a secret “key.” Only someone with the correct key can unscramble (or decrypt) the data back into its original, readable form. In payment processing, encryption is used to protect sensitive card information as it travels from the merchant’s device to the payment processor’s secure environment.
Frequently Asked questions (FAQs)
- How does Charge for Stripe use encryption?
When you accept a payment, the Charge for Stripe app and the underlying Stripe SDK encrypt the card data the moment it’s captured (via tap or manual entry). This encrypted data is then sent securely over the internet to Stripe’s servers, where it can be safely decrypted for processing. - What is end-to-end encryption?
This means the data is encrypted at the point of capture and is not decrypted until it reaches its final, secure destination (the payment processor). This prevents anyone in the middle—including on the merchant’s own network—from intercepting and reading the sensitive information. - Why is encryption important for PCI compliance?
Encrypting cardholder data both in transit and at rest is a fundamental requirement of the PCI Data Security Standard.
Related terms: