- Card numbers and CVC values are never stored in OpenCart.
- Stripe Payment Element securely collects sensitive payment details.
- OpenCart receives payment status information, not raw card data.
- Webhook signatures are verified before payment events are trusted.
- Secret keys, client secrets, card details, and webhook signatures should never be shared publicly.
- HTTPS is strongly recommended for your store checkout and webhook endpoint.
HuntBee Stripe Pro uses a PCI-friendly payment flow because sensitive card data is handled by Stripe.