As soon as you create a Stripe account, you can begin interacting with it in test mode. All of Stripe’s features are available in test mode, though no live charges can be created. To begin accepting payments from customers, you must first activate your account.
Activating your account
Account activation is a simple process: you fill out the account application requesting some basic information about your product, your business, and your own personal relationship to your business. Once you’ve activated your account, you can immediately start accepting live payments.
Stripe’s “Know Your Customer” (KYC) obligations require that we collect and maintain this information on all Stripe users. These requirements come from our regulators and financial partners, and are intended to prevent abuse of the financial system. The information you provide is reviewed internally to ensure they comply with our services agreement. If we need any further information, we’ll get in touch right away.
Updating your public business information
The following details are made visible to your customers, either on their card statement or in email receipts sent by Stripe.
- Business name and website URL
- Business email address, phone number, and address
- Support site URL
- Statement descriptor text
This information is provided by you when you activate your account, and can be updated any time in your account’s Business Settings. Make sure your statement descriptor text and business information can be clearly associated with you. If a customer cannot recognize one of your payments, they may dispute it.
You can also use dynamic statement descriptors when creating a charge so that each payment has a custom statement descriptor. This dynamic text is appended to the shortened descriptor set in the Stripe Dashboard. Statement descriptor prefixes are limited to between 2 and 10 characters. For detailed information, see the documentation on statement descriptors.
Keeping your account safe
Once you’ve set up your account, you’ll want to keep it safe. Here are some recommendations:
- Keep private information private
- Your password should be known only to you, and your secret API keys kept confidentially on your own servers. As a reminder, Stripe employees will never ask you for them.
- Don’t reuse your Stripe password
- Your password should be unique to Stripe. If you use your password on another site and that site is compromised, an attacker could use those stolen credentials to take over your account.
- Use team members to provide others with access to your account
- You can invite others to your Stripe account so they can log in and take certain actions, but with limited access.
- Update your computer and browser regularly
- We recommend configuring your computer to automatically download and install updates (e.g., macOS or Windows). This helps protect your system against automated attacks and malware.
- Beware of phishing
- All genuine Stripe sites use the stripe.com domain and are HTTPS. If you get an email from us that you don’t expect, go directly to our site to log in. Do not enter your password after clicking a link in email. If you’re ever not sure it’s really us, here’s what to do.
- Enable two-step verification
- If you do, you’ll need to provide an additional unique code from your mobile device to complete the login process—either received as a text message or generated through an app like Google Authenticator. This means even if someone steals your username and password, they won’t be able to log in. To use this feature, go to your user settings and enable two-step verification.
Read on to learn more about using your Stripe account!
Was this page helpful?