I have no idea what your credit card number is, and I never will.
You might be wondering, how is this possible? Isn’t there an option to deposit money with my credit card on the XYG site? How can I accept your payment if I don’t even know what the number or expiry date is? Let me explain.
We use an e-commerce service called Stripe. It’s been around since 2011, so it’s relatively new compared to old industry heavyweights like Paypal. It has been gaining lots of ground, however, because of it’s ease of use for developers and a strong focus on security.
One of their innovations has been sending credit card details directly from your browser to the Stripe servers. The card information gets encrypted right there on your computer and is sent securely using an SSL connection (the same encryption that banks use) to Stripe. They decrypt the data, and temporarily store your details. No payment is made yet, but now Stripe knows enough to make one.
The next step is that Stripe creates a single use token, which is just a long bit of randomly generated gibberish text, that it sends back to your browser. They store this alongside the data, which is now the only way that information can be unlocked. This blob of text, which looks something like “tk_8jf4blahlkm6fxygrulesm9klsd”, is the only thing your browser passes back to the XYG server. All we have to do in order to confirm payment is simply pass it on back to Stripe and complete the circuit. Only at this point does the credit card actually get charged. Stripe throws away both the credit card number and the token, returns a confirmation message to us, and we add the right amount to your account balance. Easy!
How about when we save credit card details? Once again, all the storing of sensitive data is kept on the Stripe servers. Why would we want that kind of security headache? Let the experts handle it. All we have is our private key and a multi-use token that represents your credit card. If you want to use a saved credit card to deposit some more money, all we have to do is send both to Stripe and get a confirmation back.
See? I don’t know your credit card and you don’t know my private key. We all have our secrets. It’s safer that way.