Stripe has done a simple, but beautiful thing: it turned the garbage that is the average payment form and made it suck less. The button alone may not blow you away (if you’re a designer, it may), but the fact that something this gorgeous has the potential to become wide-spread makes us excited.
The problem is that with the Stripe interface appearing in an
<iframe>, rather than as a distinct Web page, there’s no way for the customer to know that it’s legit. You can’t tell whether it’s a secure connection, which domain is serving the form, or whether there’s a green extended validation bar.