How safe is dash/plotly to create an app with payment

Hello,
Can we use dash/plotly to create a UI to take payments safely from clients? Is dash/plotly that mature? Of course I know that we can create such a UI but the focus of my question is the safety concern and the library maturity for this purpose.
Thank you

Hello,

I previously created apps that handle payments from clients.
I don’t think we can say Dash is secure or not; it all depends on what you achieve with it and your level of understanding of how it works and how to handle users' sensitive credentials in a secure way, e.g.:

  • CSRF tokens
  • avoiding XSS
  • not storing sensitive info on the web browser

What you should do is to externalize all the payment process (form & payment validation) with an external service, like Paypal, Stripe, etc…

Example:

  1. the user is browsing your app, is ready to pay.
  2. you display a button/link that redirects to a Stripe form
  3. the user fills in the payment info outside of your app, on the Stripe generated form
  4. the payment is being handled by Stripe
  5. the user is redirected to your app after everything is processed
  6. your app displays a result given that the payment was successful or not.

And this is general advice that applies not only to Dash plotly.

Hope it helps :slight_smile:

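Steps 2, 5 and 6 of the flow in the answer above, as an added example that is not part of the original posts: the app decides what to display by asking the payment service server-side, never from what the browser brings back in the redirect. `create_session`, `fetch_session`, `FakeProvider` and the `pay.example` URL are hypothetical names for this sketch, not the API of Stripe, PayPal or Dash.

```python
import secrets

# create_session / fetch_session: hypothetical wrappers around the provider's API.
ORDERS = {}  # server-side order store (assumption: stands in for a database)

def start_checkout(user_id, amount_cents, create_session):
    """Step 2: record the order server-side, then get the hosted-form URL."""
    order_id = secrets.token_urlsafe(16)
    session_id, url = create_session(amount_cents, order_id)
    ORDERS[order_id] = {"user": user_id, "amount": amount_cents,
                        "session": session_id, "paid": False}
    return order_id, url

def handle_return(user_id, order_id, session_id, fetch_session):
    """Steps 5-6: choose what to display after the redirect back.
    The return URL is never proof of payment; the provider is asked directly."""
    order = ORDERS.get(order_id)
    if order is None or order["user"] != user_id:
        return "unknown order"
    if order["session"] != session_id:
        return "session does not match order"
    remote = fetch_session(session_id)
    if (remote.get("status") == "paid"
            and remote.get("amount") == order["amount"]
            and remote.get("reference") == order_id):
        order["paid"] = True
        return "payment successful"
    return "payment not completed"

class FakeProvider:
    """Constructed stand-in for the payment service, for offline runs only."""
    def __init__(self):
        self.sessions = {}
    def create_session(self, amount_cents, reference):
        sid = "sess_" + secrets.token_hex(8)
        self.sessions[sid] = {"status": "unpaid", "amount": amount_cents,
                              "reference": reference}
        return sid, "https://pay.example/checkout/" + sid
    def pay(self, sid):  # simulates steps 3-4 on the hosted form
        self.sessions[sid]["status"] = "paid"
    def fetch_session(self, sid):
        return dict(self.sessions.get(sid, {}))

if __name__ == "__main__":
    provider = FakeProvider()
    oid, url = start_checkout("alice", 1999, provider.create_session)
    sid = ORDERS[oid]["session"]
    print(handle_return("alice", oid, sid, provider.fetch_session))
    provider.pay(sid)
    print(handle_return("alice", oid, sid, provider.fetch_session))
```

Binding the session to the order created in step 2 is what stops a paid session from one order being replayed against another.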