Card Payments Quickstart

Securely collect card information from your customers and either create a card payment or save the details for later. If you need help after reading this, check out our answers to common questions or chat live with other developers in #stripe on freenode.

Whether you’re creating a one-off charge or saving your customer’s card details for later, using card information with Stripe is a two-step process:

  1. Securely collect payment information using tokenization
  2. Use the payment information in a charge request or save it for later

Client-side tokenization is the method Stripe uses to collect card information directly from your customers in a secure manner. During this process, a token representing this information is returned to your server for use in a charge request (or to save the card details for later use). Tokens can only be used once and expire within a few minutes.

Step 1: Securely collecting payment information

We provide three methods for tokenizing your customer’s payment information over HTTPS:

Tokenization ensures that no sensitive card data ever needs to touch your server so your integration can operate in a PCI compliant way. If any card data were to pass through or be stored on your server, you would be responsible for any PCI DSS guidelines and audits that are required.

Radar, our modern suite of fraud protection tools, is only available to users who have implemented client-side tokenization using any of these methods. By doing so, it ensures that you can pass the necessary data required for our machine-learning fraud prevention models to make more accurate predictions.

Checkout

Checkout combines HTML, JavaScript, and CSS to create an embedded payment form, and is the simplest way for you to securely collect and tokenize your customer’s payment information. When your customer enters their credit card information, it’s validated, and then tokenized for your server-side code to use.

<form action="/your-server-side-code" method="POST">
  <script
    src="https://checkout.stripe.com/checkout.js" class="stripe-button"
    data-key="pk_test_6pRNASCoBOKtIshFeQd4XMUh"
    data-amount="999"
    data-name="Stripe.com"
    data-description="Widget"
    data-image="https://stripe.com/img/documentation/checkout/marketplace.png"
    data-locale="auto"
    data-zip-code="true">
  </script>
</form>

If Checkout is something you’d like to use, refer to our documentation on integrating Checkout to get started.

Stripe.js

If you’d prefer to have complete control over the look and feel of your payment form, you can create a custom payment form and use Stripe.js instead. Your form can be customized however you need and Stripe.js tokenizes the payment information directly with Stripe. Read our documentation on building a payment form to learn more.

Mobile SDKs

Using our native mobile libraries for iOS and Android, Stripe can collect your customer’s payment information from within your iOS or Android app and create a token for your server-side code to use.

Step 2: Using the tokenized payment information

Once a token is created, it’s used by your server-side when making an API request to Stripe. Two common examples of when you would use a token are:

Charging your customer immediately

You can create a one-time charge request to charge a customer’s card. The API request contains the token, currency, amount to charge, and any additional information you may want to pass (e.g., metadata). When using this approach, your customer needs to re-enter their payment details each time they make a purchase.

curl https://api.stripe.com/v1/charges \
   -u sk_test_BQokikJOvBiI2HlWgH4olfQ2: \
   -d amount=1000 \
   -d currency=usd \
   -d description="Example charge" \
   -d source=tok_5lpk27taN1xOhQJgPUSOOSeI
# Set your secret key: remember to change this to your live secret key in production
# See your keys here: https://dashboard.stripe.com/account/apikeys
Stripe.api_key = "sk_test_BQokikJOvBiI2HlWgH4olfQ2"

# Token is created using Stripe.js or Checkout!
# Get the payment token submitted by the form:
token = params[:stripeToken]

# Charge the user's card:
charge = Stripe::Charge.create(
  :amount => 1000,
  :currency => "usd",
  :description => "Example charge",
  :source => token,
)
# Set your secret key: remember to change this to your live secret key in production
# See your keys here: https://dashboard.stripe.com/account/apikeys
stripe.api_key = "sk_test_BQokikJOvBiI2HlWgH4olfQ2"

# Token is created using Stripe.js or Checkout!
# Get the payment token submitted by the form:
token = request.POST['stripeToken']

# Charge the user's card:
charge = stripe.Charge.create(
  amount=1000,
  currency="usd",
  description="Example charge",
  source=token,
)
// Set your secret key: remember to change this to your live secret key in production
// See your keys here: https://dashboard.stripe.com/account/apikeys
\Stripe\Stripe::setApiKey("sk_test_BQokikJOvBiI2HlWgH4olfQ2");

// Token is created using Stripe.js or Checkout!
// Get the payment token submitted by the form:
$token = $_POST['stripeToken'];

// Charge the user's card:
$charge = \Stripe\Charge::create(array(
  "amount" => 1000,
  "currency" => "usd",
  "description" => "Example charge",
  "source" => $token,
));
// Set your secret key: remember to change this to your live secret key in production
// See your keys here: https://dashboard.stripe.com/account/apikeys
Stripe.apiKey = "sk_test_BQokikJOvBiI2HlWgH4olfQ2";

// Token is created using Stripe.js or Checkout!
// Get the payment token submitted by the form:
String token = request.getParameter("stripeToken");

// Charge the user's card:
Map<String, Object> params = new HashMap<String, Object>();
params.put("amount", 1000);
params.put("currency", "usd");
params.put("description", "Example charge");
params.put("source", token);

Charge charge = Charge.create(params);
// Set your secret key: remember to change this to your live secret key in production
// See your keys here: https://dashboard.stripe.com/account/apikeys
var stripe = require("stripe")("sk_test_BQokikJOvBiI2HlWgH4olfQ2");

// Token is created using Stripe.js or Checkout!
// Get the payment token submitted by the form:
var token = request.body.stripeToken; // Using Express

// Charge the user's card:
var charge = stripe.charges.create({
  amount: 1000,
  currency: "usd",
  description: "Example charge",
  source: token,
}, function(err, charge) {
  // asynchronously called
});
// Set your secret key: remember to change this to your live secret key in production
// See your keys here: https://dashboard.stripe.com/account/apikeys
stripe.Key = "sk_test_BQokikJOvBiI2HlWgH4olfQ2"

// Token is created using Stripe.js or Checkout!
// Get the payment token submitted by the form:
token := r.FormValue("stripeToken")

// Charge the user's card:
params := &stripe.ChargeParams{
  Amount: 1000,
  Currency: "usd",
  Description: "Example charge",
}
params.SetSource(token)

charge, err := charge.New(params)

Saving your customer’s card information

If you’d like to have the ability to charge your customers without them needing to enter their payment information each time, you can create an API request to store their payment details inside a customer record instead. Future charges can be made using the stored information. This is required if you’d like to start using subscriptions.

# Create a Customer:
curl https://api.stripe.com/v1/customers \
   -u sk_test_BQokikJOvBiI2HlWgH4olfQ2: \
   -d email="paying.user@example.com" \
   -d source=tok_ldtwd3rdnpyItv3C3ldfk4O3
# Charge the Customer instead of the card:
curl https://api.stripe.com/v1/charges \
   -u sk_test_BQokikJOvBiI2HlWgH4olfQ2: \
   -d amount=1000 \
   -d currency=usd \
   -d customer=cus_LX2IkKqUkhGFc6
# Save the customer ID and other info in a database for later.
# When it's time to charge the customer again, retrieve the customer ID.
curl https://api.stripe.com/v1/charges \
   -u sk_test_BQokikJOvBiI2HlWgH4olfQ2: \
   -d amount=1500 \
   -d currency=usd \
   -d customer=cus_r4SVQos7PFGCgK
# Set your secret key: remember to change this to your live secret key in production
# See your keys here: https://dashboard.stripe.com/account/apikeys
Stripe.api_key = "sk_test_BQokikJOvBiI2HlWgH4olfQ2"

# Token is created using Stripe.js or Checkout!
# Get the payment token submitted by the form:
token = params[:stripeToken]

# Create a Customer:
customer = Stripe::Customer.create(
  :email => "paying.user@example.com",
  :source => token,
)

# Charge the Customer instead of the card:
charge = Stripe::Charge.create(
  :amount => 1000,
  :currency => "usd",
  :customer => customer.id,
)

# YOUR CODE: Save the customer ID and other info in a database for later.

# YOUR CODE (LATER): When it's time to charge the customer again, retrieve the customer ID.
charge = Stripe::Charge.create(
  :amount => 1500, # $15.00 this time
  :currency => "usd",
  :customer => customer_id, # Previously stored, then retrieved
)
# Set your secret key: remember to change this to your live secret key in production
# See your keys here: https://dashboard.stripe.com/account/apikeys
stripe.api_key = "sk_test_BQokikJOvBiI2HlWgH4olfQ2"

# Token is created using Stripe.js or Checkout!
# Get the payment token submitted by the form:
token = request.POST['stripeToken']

# Create a Customer:
customer = stripe.Customer.create(
  email="paying.user@example.com",
  source=token,
)

# Charge the Customer instead of the card:
charge = stripe.Charge.create(
  amount=1000,
  currency="usd",
  customer=customer.id,
)

# YOUR CODE: Save the customer ID and other info in a database for later.

# YOUR CODE (LATER): When it's time to charge the customer again, retrieve the customer ID.
charge = stripe.Charge.create(
  amount=1500, # $15.00 this time
  currency="usd",
  customer=customer.id, # Previously stored, then retrieved
)
// Set your secret key: remember to change this to your live secret key in production
// See your keys here: https://dashboard.stripe.com/account/apikeys
\Stripe\Stripe::setApiKey("sk_test_BQokikJOvBiI2HlWgH4olfQ2");

// Token is created using Stripe.js or Checkout!
// Get the payment token submitted by the form:
$token = $_POST['stripeToken'];

// Create a Customer:
$customer = \Stripe\Customer::create(array(
  "email" => "paying.user@example.com",
  "source" => $token,
));

// Charge the Customer instead of the card:
$charge = \Stripe\Charge::create(array(
  "amount" => 1000,
  "currency" => "usd",
  "customer" => $customer->id
));

// YOUR CODE: Save the customer ID and other info in a database for later.

// YOUR CODE (LATER): When it's time to charge the customer again, retrieve the customer ID.
$charge = \Stripe\Charge::create(array(
  "amount" => 1500, // $15.00 this time
  "currency" => "usd",
  "customer" => $customer_id
));
// Set your secret key: remember to change this to your live secret key in production
// See your keys here: https://dashboard.stripe.com/account/apikeys
Stripe.apiKey = "sk_test_BQokikJOvBiI2HlWgH4olfQ2";

// Token is created using Stripe.js or Checkout!
// Get the payment token submitted by the form:
String token = request.getParameter("stripeToken");

// Create a Customer:
Map<String, Object> customerParams = new HashMap<String, Object>();
customerParams.put("email", "paying.user@example.com");
customerParams.put("source", token);
Customer customer = Customer.create(customerParams);

// Charge the Customer instead of the card:
Map<String, Object> chargeParams = new HashMap<String, Object>();
chargeParams.put("amount", 1000);
chargeParams.put("currency", "usd");
chargeParams.put("customer", customer.getId());
Charge charge = Charge.create(chargeParams);

// YOUR CODE: Save the customer ID and other info in a database for later.

// YOUR CODE (LATER): When it's time to charge the customer again, retrieve the customer ID.
Map<String, Object> chargeParams = new HashMap<String, Object>();
chargeParams.put("amount", 1500); // $15.00 this time
chargeParams.put("currency", "usd");
chargeParams.put("customer", customerId);
Charge charge = Charge.create(chargeParams);
// Set your secret key: remember to change this to your live secret key in production
// See your keys here: https://dashboard.stripe.com/account/apikeys
var stripe = require("stripe")("sk_test_BQokikJOvBiI2HlWgH4olfQ2");

// Token is created using Stripe.js or Checkout!
// Get the payment token submitted by the form:
var token = request.body.stripeToken; // Using Express

// Create a Customer:
stripe.customers.create({
  email: "paying.user@example.com",
  source: token,
}).then(function(customer) {
  // YOUR CODE: Save the customer ID and other info in a database for later.
  return stripe.charges.create({
    amount: 1000,
    currency: "usd",
    customer: customer.id,
  });
}).then(function(charge) {
  // Use and save the charge info.
});

// YOUR CODE (LATER): When it's time to charge the customer again, retrieve the customer ID.
stripe.charges.create({
  amount: 1500, // $15.00 this time
  currency: "usd",
  customer: customerId,
});
// Set your secret key: remember to change this to your live secret key in production
// See your keys here: https://dashboard.stripe.com/account/apikeys
stripe.Key = "sk_test_BQokikJOvBiI2HlWgH4olfQ2"

// Token is created using Stripe.js or Checkout!
// Get the payment token submitted by the form:
token := r.FormValue("stripeToken")

// Create a Customer:
customerParams := &stripe.CustomerParams{
  Email: "paying.user@example.com",
}
customerParams.SetSource(token)
customer, err := customer.New(customerParams)

// Charge the Customer instead of the card:
chargeParams := &stripe.ChargeParams{
  Amount: 1000,
  Currency: "usd",
  Customer: customer.id,
}
charge, err := charge.New(chargeParams)

// YOUR CODE: Save the customer ID and other info in a database for later.

// YOUR CODE (LATER): When it's time to charge the customer again, retrieve the customer ID.
chargeParams := &stripe.ChargeParams{
  Amount: 1500, // $15.00 this time
  Currency: "usd",
  Customer: customerId,
}
charge, err := charge.New(chargeParams)

Next steps

Congrats! You can now accept card payments with Stripe. You may want to learn more about receiving funds from Stripe and managing your account, handling failed or disputed payments, or making use of recurring billing: