Privacy and security of Stripe.js

What is Stripe.js?

Stripe.js (and its iOS and Android SDK counterparts) is a JavaScript library that businesses use to integrate Stripe and accept online payments. Once Stripe.js is added to a site or mobile app, fraud signals are used to differentiate legitimate behavior from fraudulent behavior.

For example, fraudsters and bots are less likely to spend time on different pages, which we’re able to detect and use as a signal in stopping fraud.

When you visit a site that uses Stripe, this fraud prevention could appear in a privacy report or tracker list in your web browser.

While you might see Stripe in a tracker list, we’re not building an individual tracking profile on you. Stripe doesn’t—and won’t—share or sell this data to advertisers. This data is securely exchanged between the following Stripe-controlled hosts:

The data collected by these endpoints is designed to be secure and to not leave Stripe infrastructure. Access to this data is tightly controlled, and restricted to a small number of Stripe employees working on fraud prevention and security (and permissions are regularly reviewed). You can read more about this in our Privacy Policy.

Please also visit our Privacy Center where you can read more about privacy at Stripe.