You might think we're crazy when we say we don't ever know your full card number. Your natural reaction might be "I enter my full number on your site, obviously you know my number!".
To get into the very fine details, we would have to explain how Stripe uses an iframe element to totally isolate the card details from our site while appearing to be on our site. In fact, the card form is sitting securely on Stripe's domain. It uses javascript, which is a client-side language, to allow you and your browser to see and interact with the credit card form, while still being isolated from our site.
It then submits that data securely to Stripe's servers (after all, the iframe is on Stripe already!) and then sends our site a secure token that we can receive once we prove it is actually our site. We can use this token to securely charge your card without ever actually knowing your card number. Cool right?!
That's one of the many reasons we partner with Stripe!