How GiveCheck Uses Stripe Connect (Read-Only)
A technical explanation for founders concerned about connecting their Stripe account — what GiveCheck can and cannot access.
The most common question founders ask before joining GiveCheck is: "You want me to connect my Stripe account? What exactly can you see?" It's a fair question, and we believe in radical transparency about our Stripe integration. Here's exactly how it works.
OAuth, Not API Keys
GiveCheck uses Stripe Connect with OAuth — the same secure authorization flow used by platforms like Shopify, Zapier, and thousands of other SaaS tools that integrate with Stripe. You never share your API keys with GiveCheck. Instead, you go through Stripe's official OAuth flow, which grants GiveCheck a scoped access token.
This is the same process you'd use to connect any authorized third-party application. Stripe controls the authorization, handles the token exchange, and enforces the permission scopes. GiveCheck doesn't build or maintain its own Stripe credential system.
What GiveCheck Can See
The OAuth scope GiveCheck requests is deliberately minimal. Here's exactly what the integration can access:
- Balance transactions: GiveCheck can read your balance transaction history — the aggregate inflows to your Stripe account. This is used to calculate your monthly gross revenue figure.
- Account information: Basic account details like your business name and currency, used for display purposes on the leaderboard and badge.
That's it. Two endpoints. Balance transactions and account info.
What GiveCheck Cannot See or Do
Here's the list of things GiveCheck's Stripe integration explicitly cannot do:
- Cannot see individual customers: GiveCheck has no access to your customer list, their email addresses, payment methods, or subscription details.
- Cannot see individual charges: The integration reads aggregate balance transactions, not individual payment records.
- Cannot create charges: GiveCheck cannot charge your customers, create invoices, or initiate any payment on your behalf.
- Cannot modify your account: No changes to your Stripe settings, payout schedule, or account configuration.
- Cannot access Stripe Dashboard: The OAuth token doesn't grant dashboard access. GiveCheck's access is purely API-based and automated.
- Cannot transfer funds: GiveCheck cannot move money out of your Stripe account or initiate payouts.
How Revenue Is Calculated
Each month, GiveCheck's verification system queries your Stripe balance transactions for the previous calendar month. It sums the gross amount of all successful transactions, excluding refunds, disputes, and Stripe fees. This gives us your gross monthly revenue — the denominator in your MRG percentage calculation.
The calculation runs automatically on the 1st of each month. The result is stored as a single number (gross revenue in cents) and a timestamp. No transaction-level data is stored in GiveCheck's database.
Data Storage and Security
GiveCheck stores the following Stripe-related data:
- Your Stripe account ID (used to identify the connection)
- The OAuth access token (encrypted at rest, used for API calls)
- Monthly revenue totals (a single number per month)
- Your business name and currency
All data is encrypted at rest and in transit. OAuth tokens are stored in a separate, encrypted secrets store with access logging. GiveCheck's infrastructure runs on secure cloud providers with SOC 2-compliant hosting.
Revoking Access
You can revoke GiveCheck's access at any time through your Stripe Dashboard under Settings > Authorized Applications. Revoking access immediately invalidates the OAuth token, and GiveCheck can no longer query your account. Your badge will transition to a gray "Verification Lapsed" state within the next verification cycle.
You can also disconnect from within GiveCheck's dashboard, which triggers the same revocation process. There are no cancellation fees, lock-in periods, or penalties for disconnecting.
We built the Stripe integration to be as minimal and transparent as possible because trust is the foundation of what we do. If you have questions about the technical implementation that aren't covered here, reach out to our team — we're happy to walk through the details.