DOCUMENTATION

Evidence Vault for Stripe

Complete setup and integration guide

Getting Started

1. Install the App

Install CertNode Evidence Vault from the Stripe App Marketplace. The app adds three views to your Stripe Dashboard:

  • Home Overview — Dashboard stats, billing preview, recent evidence
  • Payment Detail — Per-payment evidence checklist on each payment page
  • Settings — Enable/disable collection, setup status, pricing info

2. Enable Evidence Collection

Navigate to the Evidence Vault settings page in your Stripe Dashboard and toggle “Enable Evidence Collection” on. Evidence capture begins immediately on all new successful payments.

3. Add collect.js (Recommended)

For maximum evidence coverage, add the collect.js script to your checkout page. This captures device fingerprint and IP address — data that Stripe does not include in payment events.

<script src="https://certnode.io/collect.js"></script>

Place this before your Stripe Elements or Checkout code. It runs silently with no visible UI.

collect.js Integration

What It Collects

  • Device fingerprint — canvas, WebGL, screen resolution, timezone, installed fonts, audio context
  • IP address — resolved server-side at collection time

How It Works

collect.js generates a device fingerprint hash and stores it in Stripe payment metadata. When the payment succeeds, the vault webhook reads this metadata and stores it alongside 3DS/AVS/CVC data.

Using with Stripe Elements

<!-- Add collect.js before Stripe Elements -->
<script src="https://certnode.io/collect.js"></script>

<!-- When creating the PaymentIntent, include metadata -->
<script>
  // await is only valid inside an async function in a classic script
  (async () => {
    const metadata = await CertNode.getMetadata();
    // Pass metadata.device_fingerprint and metadata.ip_address
    // to your server when creating the PaymentIntent
  })();
</script>
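
The snippet above leaves the server side open. As an added example (not CertNode's or Stripe's code), this Node.js helper treats the browser-posted values as untrusted and keeps only well-formed fields before they are used as PaymentIntent metadata. It assumes the fingerprint is a hex-encoded SHA-256 digest and that the metadata keys keep the names shown above; `buildEvidenceMetadata` and `isIpAddress` are hypothetical names.

```javascript
// Added example (not CertNode or Stripe code). Assumptions: the fingerprint is a
// hex-encoded SHA-256 digest, and the metadata keys keep the names shown above.
const FINGERPRINT_RE = /^[0-9a-f]{64}$/; // SHA-256 as 64 hex characters
const IPV4_RE = /^(?:(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)\.){3}(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)$/;

function isIpAddress(value) {
  if (IPV4_RE.test(value)) return true;
  // Only hex digits, colons and dots may reach the URL parser, so the input
  // cannot smuggle in a different host; the parser then validates IPv6 syntax.
  if (!/^[0-9a-fA-F:.]{2,45}$/.test(value) || !value.includes(':')) return false;
  try {
    new URL(`http://[${value}]/`);
    return true;
  } catch {
    return false;
  }
}

// Takes the untrusted object posted by the browser and returns only the
// validated evidence fields, ready to use as PaymentIntent metadata.
function buildEvidenceMetadata(clientMeta) {
  const input = clientMeta !== null && typeof clientMeta === 'object' ? clientMeta : {};
  const metadata = {};
  const rejected = [];

  const fp = typeof input.device_fingerprint === 'string'
    ? input.device_fingerprint.trim().toLowerCase() : '';
  if (FINGERPRINT_RE.test(fp)) metadata.device_fingerprint = fp;
  else rejected.push('device_fingerprint');

  const ip = typeof input.ip_address === 'string' ? input.ip_address.trim() : '';
  if (isIpAddress(ip)) metadata.ip_address = ip;
  else rejected.push('ip_address');

  // Any other key the client sent is dropped, never forwarded to Stripe.
  return { metadata, rejected };
}

// Constructed sample input, as a browser might post it to the merchant server.
const sample = {
  device_fingerprint: 'A3'.repeat(32),
  ip_address: '203.0.113.7',
  is_trusted: 'true', // unexpected key that must not be forwarded
};
console.log(buildEvidenceMetadata(sample));
```

Pass the returned `metadata` object as the `metadata` parameter when creating the PaymentIntent, and log `rejected` so malformed submissions can be reviewed.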

Using with Stripe Checkout

If you use Stripe Checkout (redirect), collect.js data is automatically included via session metadata when the script is present on the page before redirect.

Evidence Data Captured

| Data Point | Source | Dispute Value |
|---|---|---|
| 3D Secure | Stripe (automatic) | Proves cardholder authenticated. Near-automatic win for fraud disputes. |
| AVS | Stripe (automatic) | Billing address matched card records. |
| CVC | Stripe (automatic) | Card verification code correct — card was present. |
| Device Fingerprint | collect.js | Ties purchase to specific device. Matches prior legitimate purchases. |
| IP Address | collect.js | Geographic consistency with billing address. |
| RFC 3161 Timestamp | CertNode (automatic) | Independent proof that evidence existed at payment time — before any dispute. |

Pricing

Monthly fee

$0

Per-transaction fee

$0.03 per captured transaction ($0.02 for Reflex users — 33% discount)

Monthly minimum

$5/month. Waived if zero transactions are captured in the billing period.

Billing cycle

Monthly invoices generated on the 1st for the previous month's usage.

Example: 1,000 payments captured × $0.03 = $30.00/month. With Reflex bundle: 1,000 × $0.02 = $20.00/month.

Data Retention

Evidence is retained for 13 months from the date of capture. This covers the full chargeback window for all major card networks:

  • Visa: 120 days from transaction date
  • Mastercard: 120 days from transaction date
  • American Express: 120 days from transaction date
  • Discover: 120 days from transaction date

After 13 months, evidence data is permanently deleted. RFC 3161 timestamp tokens are retained indefinitely as they contain no PII.

Privacy & Compliance

Evidence Vault collects only data necessary for payment fraud prevention — a legitimate interest under GDPR Article 6(1)(f) and similar regulations.

What we store: Authentication results (3DS, AVS, CVC), device fingerprint hash (not raw signals), IP address, card brand/last4/country, risk level.

What we do NOT store: Full card numbers, customer names, email addresses, billing addresses, or any data beyond what is needed for chargeback defense.

Device fingerprints are stored as SHA-256 hashes. The raw browser signals (canvas, WebGL, fonts) are not stored — only the hash for matching purposes.

For full details, see our Privacy Policy.