Stripe.js v1.1
for osCommerce Online Merchant v2.3

Stripe.js makes it easy to collect credit card (and other similarly sensitive) details without having the information touch your server. With Stripe, you can create exactly the payment experience you want in your website or mobile app, and we handle everything from security to daily transfers to your bank account. You can get started immediately.

Stripe.js is bundled with osCommerce Online Merchant and is also available as a separate Add-On package existing store owners can use to upgrade to.

The Stripe.js payment module supports the following features:

  • Securely stored payment cards (Tokens)
  • SSL Certificate verified transactions


Securely Stored Payment Cards (Tokens)

Stored tokens allows customers to securely save their card payment information during their purchase and to reference the stored card in their next purchase without having to re-type their card information again. The card payment information is securely stored at Stripe's servers and is referenced with a unique token code.


Stored tokens requires the following:

  • Stripe Cards Management Page content module; it is important to enable the Stripe Cards Management Page content module to allow customers to manage their stored cards in their account area. The content module can be found on the Administration Tool -> Modules -> Content -> Install Module page.
  • Content Modules; as Stripe Cards Management Page is a content module, it requires the Content Modules implementation introduced in osCommerce Online Merchant v2.3.4. Please refer to its release notes to add the implementation into your existing store.

SSL Certificate Verified Transactions

All secured API transaction calls sent to Stripe are performed by verifying Stripe's SSL certificates to guarantee the identity of Stripe. This is performed by using the following public keys in order if they are available:

  • ext/modules/payment/stripe/
  • includes/cacert.pem (public key bundle)
  • the web server configured public key bundle

A test connection link is available on the payment module configuration page which can be used to test if API transaction calls to Stripe can be verified from your web server. If the test connection fails, please contact your hosting provider as they may need to update your web server configuration. The SSL certificate verification can also be disabled on the payment module configuration page however it is highly discouraged to disable.

Some web hosting providers require a curl proxy to be used which can be configured on the payment module configuration page.

Configuration Settings

Parameter Description Default
Enable Stripe Module Setting this parameter to True makes the payment method available to customers during the checkout procedure. True
Publishable API Key The Publishable API Key of the account to use for transactions.
Secret API Key The Secret API Key of the account to use for transactions.
Create Tokens Allows customers to store their payment cards securely at Stripe and reference the cards for future payments via tokens. False
Verify With CVC Setting this parameter to True verifies the credit card billing address with the Card Verification Code (CVC). True
Transaction Method The following transaction methods are available to process transactions with:
The Authorize transaction method only verifies the card and card holder. Authorizations can be captured manually on the Stripe Merchant dashboard.
The Capture transaction method verifies, authorises, and transfers the funds to your Merchant account.
Set Order Status The orders status will be updated to this value when a successful transaction has been made. Default Order Status
Transaction Order Status Transactions are logged in this private order status level. Stripe [Transactions]
Payment Zone If set, this payment method will only be available to orders made within the defined zone.
Transaction Server The following transaction servers are available to process transactions through:
The Live server is used in production environments to process and receive payments from customers.
The Test server is only used to test transactions with. No transactions are processed and no payments are made when transactions are being tested.
Verify SSL Certificate Verify Stripe's identity when API communication calls are sent. True
Proxy Server Send API communication calls through this proxy server.
Debug E-Mail Address Send invalid transaction parameters to this e-mail address.
Sort Order The position to show the payment method on the checkout payment page against other available payment methods.

Add-On Package

The separate Stripe.js Add-On package is available at:

Online Demonstration

An online demonstration is available at:

For the online demonstration, Stripe.js has been configured with Stripe's test server environment and requires a test payment card to purchase an order.

Manual Installation (as an Add-On)

After extracting the Add-On package, copy the files located in the catalog directory to your osCommerce installation directory on the server. The files must be copied in the correct directory structure as extracted from the Add-On package.

The file listing is as follows:

  • includes/languages/english/modules/payment/stripe.php
  • includes/modules/payment/stripe.php

The standard language definitions in English are provided in the Add-On package. For additional languages, copy the English language definition file to the appropriate language directory and open the file with a text editor to edit the language definitions. The location of the language definition file must be in:

  • includes/languages/LANGUAGE/modules/payment/stripe.php

When the files have been copied to their appropriate locations, the payment module will be available on the Administration Tool -> Modules -> Payment -> Install Module page where it can be installed, or on the Administration Tool -> Modules -> Payment page if the module was already previously installed.

If the module was already previously installed, it is important to visit the module configuration page to make sure new parameters are automatically installed in the database.


v1.1 09-Jun-2014
v2.2 compatibility updates (jQuery is now injected into the page when it has not been loaded).
v1.0 02-Jun-2014
Initial Release