Sending credit card numbers directly to the Stripe API is generally unsafe

Learn why you might see this Stripe error and how to resolve it by enabling raw card data APIs.

The Error Message

Sometimes when activating Stripe payments, you might receive the following error:

Booking: 2254125 Stripe 853 Error: Sending credit card numbers directly to the Stripe API is generally unsafe. To continue processing use Stripe.js, the Stripe mobile bindings, or Stripe Elements. For more information, see https://dashboard.stripe.com/account/integration/settings. If you are qualified to handle card data directly, see https://support.stripe.com/questions/enabling-access-to-raw-card-data-apis.

How to Resolve This

To enable raw card data APIs on your account, please contact Stripe support team with the following information:

Contact Stripe Support to Enable Raw Card Data

What Information to Provide

A brief written description of the systems and services in your application which handle card data. If you fully outsource this activity to a PCI DSS-compliant third party, please provide the name of that service provider.

One of the following documents:

  • A current, complete PCI DSS Self-assessment Questionnaire (SAQ) D.
  • If you meet the qualifications of a Level 1 Merchant or Service Provider, a current PCI DSS Attestation of Compliance for Onsite Assessment.
PCI Compliance Validation Requirements
How to contact Stripe illustration

write that you are using NObeds channel management system + upload SAQ file:[NOBEDS_PCI_2025.pdf]

If You Outsource Card Handling

If you fully outsource the handling of card data to a PCI DSS-compliant third-party service provider, only accept online or mail order/telephone order (MOTO) payments, and otherwise qualify, a Self-Assessment Questionnaire (SAQ) A. This document must list your entity's information and list the third-party service provider in Part 2f.

Follow our guide to PCI Compliance