Stripe.com Gateway Integration
UltraCart integrates seamlessly with the Stripe.com credit card gateway.
Start by creating your Stripe Account
Sign up for your Stripe.com account here:
https://manage.stripe.com/register
Integrating Stripe into your UltraCart will only take a few minutes.
Gathering your Stripe Credentials
The publishable key is used to generate credit card tokens and should be included with the HTML form. The secret key is used for all other API calls on the server-side. Since UltraCart is already integrated, you'll need only to obtain the live key's.
You can grab the test and live API keys for your account under: Your Account >> API Keys.
NAVIGATE:
On the next screen click on "Your Account":
Next, click the menu choice "API Keys":
You'll need the "live keys":
Placing your Stripe API key credentials into your UltraCart account
Copy and paste the keys into the matching UltraCart configuration fields by navigating in UltraCart:
IF IT IS YOUR FIRST TIME NAVIGATING TO THE PAYMENTS CONFIGURATION PAGE:
Home → Configuration → (middle menu) Checkout → Payments
1) Choose (second radio button) "Accept credit cards" , then click "next" button
2) Choose (second radio button) "I prefer a payment gateway that works with my
existing internet merchant account.", then scroll down and select "Stripe" (radio button)
and click the next button.
3) Paste in (the live API) Publishable & Secret keys into the respective fields, then click the
checkboxes for the credit card types you are setup to process through the account, then
click the "finish" button (you may uncheck the opt-in offer for paypal).
IF YOU HAVE ALREADY PREVIOUSLY COMPLETED THE PAYMENT WIZARD:
Home → Configuration → (middle menu) Checkout → Payments → (Middle Menu) Transaction Gateways
Click the checkbox to select "Stripe" from the list of gateways, to see the configuration fields. You'll paste the Publishable and Secret keys into the corresponding fields, then you'll select ALL of the card types in the "methods" section (Stripe requires all of the CC types be selected.)
- Paste in (the live API) Publishable & Secret keys into the respective fields.
- Enter your "Stripe Statement Descriptor" if instructed to do so by Stripe.
- Select your preference for the "Send Receipts" (Yes/No)
- Click the checkboxes for ALL of the credit card types, then scroll down to the bottom of the page and click the save button to save the changes.
You're now integrated with stripe.com !
Stripe is going global!
Available in 23 nations and counting!
https://stripe.com/global
Australia
Canada
Denmark
Finland
Ireland
Norway
Sweden
United Kingdom
United States
Austria (beta)
Belgium (beta)
France (beta)
Germany (beta)
Italy (beta)
Japan (beta)
Luxembourg (beta) 
Netherlands (beta)
Spain (beta)
Brazil (private beta)
Mexico (private beta)
Portugal (private beta)
Singapore (private beta)
Switzerland (private beta)
PCI Compliance Warning
You may receive a email notification from Stripe warning you about passing complete credit card data to the Stripe servers:
*From: *Stripe <support@stripe.com>
*Subject: **Action required to process safely on Stripe*
*Date: *May 21, 2019 at 11:11:01 AM CDT
*To:
<https://stripe.com/>
Hello there, and welcome to Stripe!
We noticed that you are passing your cardholder's full credit card number
to Stripe's API. We strongly discourage you from handling this information
directly because doing so:
Potentially exposes your customer's sensitive data to bad actors
Excludes your payments from protection by Radar
<https://stripe.com/docs/radar>, Stripe's fraud protection solution
Requires your business to meet complex and burdensome PCI compliance
requirements <https://stripe.com/docs/security#pci-dss-guidelines>
To keep your customer's information safe, we were unable to process the
unsafe charge you just sent us. In order to process payments securely on
Stripe, change your integration to collect payment information using one of
our official client integrations <https://stripe.com/docs/payments>. These
integrations ensure that no sensitive card data ever needs to touch your
server.
In rare cases, you may have to continue handling full credit card
information directly. If this applies to you, you can enable unsafe
processing in your dashboard
<https://dashboard.stripe.com/account/integration/settings>.
For any questions, just reply to this email and we'd be happy to help.
Yours,
The Stripe Team
You can inform Stripe that we are PCI level 1 certified and have our own hosted field technology to properly isolate the card holder information from all threats on the page, etc. UltraCart handles all credit card data in full compliance with existing PCI regulations.
- Enable the "unsafe" processing in your Stripe Dashbaord: https://dashboard.stripe.com/account/integration/settings