Stripe Tracking & Telemetry

[Meap]

Hello,

I have noticed that after having activated Stripe as a payment option in my Invision Community Forums that user information is always being sent to m.stripe.com even when a user is not on the store page at all. It just always loads it and logs info. Is there any way that this can be updated to not load the script unless actually doing a checkout? I care about my users their privacy and don't want to be a data collector for a third party.

Here is someone that documented this issue, and found out what is being logged:
Stripe is Silently Recording Your Movements On its Customers' Websites · mtlynch.io

[Hatsu]

This is related to this topic.

  The reason for this is:

On 10/14/2021 at 4:09 PM, Ryan Ashbrook said:

For what it's worth - the reason we include it on all pages is because that is what Stripe recommends for maximum fraud prevention.

https://stripe.com/docs/radar/checklist#include-stripe-js

 

[The Old Man]

Arne,

I agree, you don't need to be a conspiracy enthusiast or tin foil hat wearing website owner to see it's grossly invasive of privacy and quite unjustifiable in the days of GDPR. We can't restrict it to commerce or checkout related pages only and Stripe bless 'em, surely can't detect card fraud by 100's if not 1000's of updates about individuals reading topics about say favourite pizza toppings, looking after tropical fish etc.

When you factor in more or highly sensitive content, perhaps medical conditions or preferences, thats really not good, off the scale not good!

Site visitors can't opt out of it, certainly before it starts tracking them, as far as I can see, which isn't right.
There have been numerous topics here about it in the past. Its only a recommendation but certainly not a requirement, so I wish IPS (as established corporate advocates of anonymous posting and pride etc) would step up and take some ownership on improving this, and provide us with AdminCP options either for sidewide, commerce or checkout Stripe integration only.

Edited December 2, 2021 by The Old Man

[Matt]

Stripe records this information to help detect suspicious activity as part of their fraud management.

https://stripe.com/docs/disputes/prevention/advanced-fraud-detection 

[The Old Man]

Thanks @Matt

They provide a good and valuable service, if you take payments it's a huge reassurance, but it's the integration within IPS Community Suite that is the issue, it's disproportionate and unjustified. It just needs to be included within Commerce, not Gallery, Blog, Forums etc.

For years staff in their responses about this issue have effectively been saying it's necessary throughout the whole suite because that's what Stripe say and recommend, but it's not mandatory or binding. At worst it may be less effective if their system doesn't know whether one of my members or visitors read a blog post, viewed a Gallery image or forum.

I also think their recommendation is based and in relation to being used on an e-commerce site, where it would much more sense from that perspective. In fact I just read this on that page...

Quote

Stripe therefore encourages including Stripe.js on every page of the shopping experience, not just the checkout page.

and on https://stripe.com/docs/js/including

Quote

To best leverage Stripe’s advanced fraud functionality, include this script on every page, not just the checkout page. This allows Stripe to detect suspicious behavior that may be indicative of fraud as customers browse your website.

Again I think they wrote this from the perspective that you are integrating it into an online store, with 'every page' meaning product description pages, etc. I think if asked, they'd agree.

Apologies if this reads very passionately but I don't see why, if the integration won't be limited to the Commerce app, that we can't have a simple toggle to be able to choose for ourselves to limit it to Commerce or not, since after all, we're the site owners being responsible under GDPR.

IPS provide useful tools to assist us with GDPR compliance, so it's confusing why this is overlooked.

Edited December 21, 2021 by The Old Man
Couple of additional points

[opentype]

17 minutes ago, The Old Man said:

I also think their recommendation is based and in relation to being used on an e-commerce site…

Following a user through some shop categories is very different from online communities, where 99.9% of the user’s activity might be in the community area and the shop is maybe used once a year. 

In that sense an option to limit the use of the Stripe call would make a lot of sense. 

[Matt]

Fair points, I'll take it to the team.

[Matt]

Ok, I've added an issue in our tracker to restrict the JS to just Nexus.

[The Old Man]

Thank you @Matt that's brilliant news.

Improving privacy is always a good thing, plus there will be performance improvement too on non-commerce pages as a side bonus (besides sending and receiving, they also use 4 different domains).

Thanks to you and the team for revisiting this. 

[Matt]

It's why you guys are the best. You help make us better.