I want to integrate Stripe's mobile payments services inside my Android app, but when I read the Android Integration Docs on Stripe's website, I noticed this code:
    ...
    new TokenCallback() {
        public void onSuccess(Token token) {
            // Send token to your server
        }
        ...
    }
I didn't understand what they mean by "Send token to your server"... What server do they mean? My own server (like AWS EC2)? Or a private server running on their servers?
Anyway, I clicked on Charge your user immediately at the end of the page and I saw code for the server side, but again, I didn't understand what they mean by "server-side".
Could you please help me? I want to get this over with...
A typical payment flow with Stripe can be divided into two steps:
Client-side, you collect the customer's payment information and turn it into a token. In a web app, this is done via Checkout or Stripe.js. In a mobile app, this is done with Stripe's iOS or Android SDK.
Once the token has been created, you then send it to your backend server.
Server-side, you use the token to create a charge, or to create a customer which will save the payment information so you can create more charges in the future without having to collect the payment information again.
This tutorial explains the server-side part of the flow.
The main advantage of this two-step flow is that your server never deals with PCI-sensitive card information. It only deals with tokens which represent cards but hide the PCI-sensitive information. This greatly eases the burden of PCI compliance.
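The server-side step described in the answer above, as an added example that is not part of the original answer or of Stripe's documentation: your own backend receives the token from the app and builds the charge request to Stripe's `POST /v1/charges` endpoint. The form field names (`order_id`, `stripeToken`), the `ORDERS` table and the `STRIPE_SECRET_KEY` environment variable are assumptions of this example.

```python
import base64
import os
import re
import urllib.parse
import urllib.request

STRIPE_CHARGES_URL = "https://api.stripe.com/v1/charges"
# Hypothetical server-side order table (constructed sample): the amount is
# looked up here and never taken from the mobile client.
ORDERS = {"order-1001": {"amount": 1999, "currency": "usd"}}
TOKEN_RE = re.compile(r"^tok_[A-Za-z0-9]+$")


def build_charge_request(form, secret_key):
    """Turn the app's POST body (order_id + token) into a Stripe charge request."""
    token = form.get("stripeToken", "")
    order = ORDERS.get(form.get("order_id", ""))
    if not TOKEN_RE.match(token):
        raise ValueError("missing or malformed token")
    if order is None:
        raise ValueError("unknown order")
    # Any client-supplied "amount" field is ignored on purpose.
    body = urllib.parse.urlencode({
        "amount": order["amount"],
        "currency": order["currency"],
        "source": token,  # the token stands in for the card; no card data here
    }).encode()
    # Stripe accepts HTTP Basic auth with the secret key as the user name.
    auth = base64.b64encode((secret_key + ":").encode()).decode()
    return urllib.request.Request(
        STRIPE_CHARGES_URL,
        data=body,
        method="POST",
        headers={
            "Authorization": "Basic " + auth,
            # Lets a retried request be recognised instead of charging twice.
            "Idempotency-Key": "charge-" + form["order_id"],
        },
    )


def charge(form):
    """Send the request; the secret key lives only in the server's environment."""
    req = build_charge_request(form, os.environ["STRIPE_SECRET_KEY"])
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.read()
```

The secret key never ships inside the Android app; the app only holds the publishable key used to create the token.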