Payment Processing

Stripe Payments on AWS

Accept payments anywhere with Stripe: PCI compliance handled, webhook events trigger AWS workflows.

Stripe + AWS Payment Processing

Stripe is the simplest way to accept payments on AWS. Stripe handles PCI compliance; your AWS app handles order logic.

Why Stripe on AWS?

PCI Compliance

Stripe, not you, handles card data
Reduces PCI DSS scope dramatically
No cardholder data in your database

Webhooks

Stripe sends events to AWS via HTTP
Payment received → webhook → Lambda → update database
Fully automated payment processing

Developer Friendly

Simple REST API
Excellent documentation
Stripe.js handles payments securely in browser

Global Payments

Accept cards worldwide
Multiple currencies
Local payment methods (Apple Pay, Google Pay, etc.)

How Payment Flow Works

1. User initiates purchase

Frontend calls /create-payment-intent (Lambda)
Lambda creates Stripe PaymentIntent
Returns client secret to frontend

2. User enters card details

Stripe.js handles payment securely
Card data never touches your servers
Stripe returns payment intent status

3. Payment confirmed

Frontend confirms payment with Stripe
Stripe processes transaction

4. Webhook notifies AWS

Stripe sends payment_intent.succeeded webhook
API Gateway receives it
Lambda processes: create order, send email, etc.

5. Database updated

Lambda stores order in RDS/DynamoDB
Order workflow triggered

Stripe Architecture on AWS

Frontend (React/Vue)
  ↓ (Stripe.js)
Stripe API (secured)
  ↓ (payment succeeds)
Stripe Webhooks
  ↓ (POST /webhooks/stripe)
API Gateway
  ↓
Lambda (verify signature, process event)
  ↓
DynamoDB/RDS (store order)
  ↓
SNS (send confirmation email)

Key Stripe Concepts

Payment Intent

Represents payment in progress
Created before customer pays
Can be confirmed multiple times (retries)

Payment Method

How customer pays: card, ACH, Apple Pay
Can be saved for future use (subscriptions)

Webhook

Event notification from Stripe
charge.created, payment_intent.succeeded, etc.
Verify webhook signature (prevent forgeries)

Charge vs Payment Intent

Charge: old API, simpler
Payment Intent: new API, more flexibility (subscriptions, SCA)
Use Payment Intent for new projects

Implementing Stripe Webhooks in AWS

1. Create Lambda function

import json
import stripe

@app.route('/webhooks/stripe', methods=['POST'])
def webhook():
    payload = request.data
    sig_header = request.headers.get('Stripe-Signature')

    # Verify signature (ensure it's really Stripe)
    event = stripe.Webhook.construct_event(
        payload, sig_header, webhook_secret
    )

    if event['type'] == 'payment_intent.succeeded':
        intent = event['data']['object']
        # Process successful payment
        save_order_to_database(intent)

2. Configure Stripe webhook

Stripe Dashboard → Webhooks
Add endpoint: https://your-api.execute-api.us-east-1.amazonaws.com/prod/webhooks/stripe
Select events: payment_intent.succeeded, etc.

3. Test webhook

Stripe provides test events
Verify Lambda receives and processes correctly

PCI DSS Scope with Stripe

Without Stripe (you process cards)

Full PCI DSS Level 1 (strictest)
Annual assessment: $10,000+
Complex compliance

With Stripe (Stripe processes cards)

PCI DSS Level 3-4 (simplified)
Annual assessment: $0-1,000
Your scope: order data, user data, not cards

Stripe Pricing Example

$10,000 revenue/month

Stripe fee (2.9% + $0.30 per transaction)
Assuming avg $50 transaction, 200 transactions
Cost: $10,000 × 2.9% + 200 × $0.30 = $350

$100,000 revenue/month

2,000 transactions @ $50 average
Cost: $100,000 × 2.9% + 2,000 × $0.30 = $3,300

Best Practices

Security

Never store raw card numbers
Always verify webhook signatures
Use HTTPS for all APIs
Rotate webhook signing keys

Error Handling

Webhook failures (timeout, error)
Retry logic with exponential backoff
Log all webhook events
Alert on failed payment processing

User Experience

Show payment status to user
Retry payments on failure
Handle 3D Secure (SCA) authentication
Support multiple payment methods

Frequently Asked Questions

How do I accept payments with Stripe on AWS?

Create payment intent in Stripe → collect payment via Stripe.js → webhook sends payment.success event → Lambda processes order. Your app never touches card data; Stripe handles PCI compliance.

Do I need to comply with PCI DSS if I use Stripe?

Stripe handles PCI compliance for card data. But you still need SOC 2 or PCI compliance for your system (order processing, user data, etc.). Stripe removes the hardest part (cardholder data).

How do I sync Stripe payments to my AWS database?

Stripe webhooks send events (charge.created, payment_intent.succeeded) to AWS API Gateway → Lambda. Lambda processes event, stores in DynamoDB/RDS. Fully automated payment recording.

What Stripe features work well with AWS?

Webhooks → Lambda for event processing. Billing for subscriptions. Connect for marketplace payments. Radar for fraud detection. All trigger AWS workflows.

How much does Stripe cost?

2.9% + $0.30 per transaction (US, cards). 3.5% + $0.15 for ACH transfers. No monthly fee. For $10K/month: ~$400 Stripe fee.

Need Help with This Integration?

Our AWS experts can help you implement and optimize integrations with your infrastructure.

Talk to AWS Experts