Select the type of integration you are building to see Stripe’s corresponding requirements and recommendations.
- Collect zip code, name, and email when tokenizing cards to protect against disputes
- Listen to webhooks events to stay informed about payments events
- Integrations using Payments should listen to events like payment_intent.succeeded, payment_intent.payment_failed or checkout.session.completed
- Integrations using Billing and Invoicing should listen for events relevant to user’s invoices from invoice.created to invoice.paid
- Avoid listening to all events on webhook endpoints
- Include measures to prevent card testing when collecting payment information