diff --git a/CRM/Core/Payment/Stripe.php b/CRM/Core/Payment/Stripe.php
index b57b01e3da35c203d7cf84e54d3f6146e31562fb..1fd3ea76b527816089b91d3a461c180dd595b79c 100644
--- a/CRM/Core/Payment/Stripe.php
+++ b/CRM/Core/Payment/Stripe.php
@@ -14,6 +14,7 @@ use CRM_Stripe_ExtensionUtil as E;
 use Civi\Payment\PropertyBag;
 use Stripe\Stripe;
 use Civi\Payment\Exception\PaymentProcessorException;
+use Stripe\Webhook;
 
 /**
  * Class CRM_Core_Payment_Stripe
@@ -71,6 +72,13 @@ class CRM_Core_Payment_Stripe extends CRM_Core_Payment {
     return trim($paymentProcessor['user_name'] ?? '');
   }
 
+  /**
+   * @return string
+   */
+  public function getWebhookSecret(): string {
+    return trim($this->_paymentProcessor['signature']);
+  }
+
   /**
    * Given a payment processor id, return the public key
    *
@@ -1185,7 +1193,32 @@ class CRM_Core_Payment_Stripe extends CRM_Core_Payment {
       // We don't handle this event
       return;
     }
-    $ipnClass->setVerifyData(TRUE);
+
+    $webhookSecret = $this->getWebhookSecret();
+    if (!empty($webhookSecret)) {
+      $sigHeader = $_SERVER['HTTP_STRIPE_SIGNATURE'];
+
+      try {
+        Webhook::constructEvent(
+          $rawData, $sigHeader, $webhookSecret
+        );
+        $ipnClass->setVerifyData(FALSE);
+      } catch (\UnexpectedValueException $e) {
+        // Invalid payload
+        \Civi::log()->error('Stripe webhook signature validation error: ' . $e->getMessage());
+        http_response_code(400);
+        exit();
+      } catch (\Stripe\Exception\SignatureVerificationException $e) {
+        // Invalid signature
+        \Civi::log()->error('Stripe webhook signature validation error: ' . $e->getMessage());
+        http_response_code(400);
+        exit();
+      }
+    }
+    else {
+      $ipnClass->setVerifyData(TRUE);
+    }
+
     $ipnClass->onReceiveWebhook();
   }
 
diff --git a/docs/install.md b/docs/install.md
index 320b6c7d28e9fd5b5af2e7438af99c6f1e5670f0..a1a75197f8baac4463789db6c9bb44f3d04bd04f 100644
--- a/docs/install.md
+++ b/docs/install.md
@@ -1,22 +1,32 @@
 # Install / Configuration
-Please do help improve this documentation by submitting a PR or contacting me.
+
+## Installation
+**The [mjwshared](https://lab.civicrm.org/extensions/mjwshared) extension is required and MUST be installed.**
+
+**If using drupal webform or other integrations that use Contribution.transact API you should install the [contributiontransactlegacy](https://github.com/mjwconsult/civicrm-contributiontransactlegacy) extension to work around issues with that API.**
+
+The extension will show up in the extensions browser for automated installation.
+Otherwise, download and install as you would for any other CiviCRM extension.
 
 ## Configuration
 
 ### Stripe
-Create an API key by logging in to your Stripe dashboard and selecting [API keys](https://dashboard.stripe.com/account/apikeys) from the left navigation.  You can use the standard key, or you can click "Create restricted key" to have a more limited key.  Example key restrictions are listed below.
+
+Stripe automatically provides both a live and test account for you. Toggle the "test" switch in the Stripe dashboard to switch between the two accounts.
+
+Create API keys and a webhook secret by logging in to your Stripe dashboard and selecting
+[API keys](https://dashboard.stripe.com/account/apikeys) from the menu. You can use the
+standard key, or you can click "Create restricted key" to have a more limited key.
+Example key restrictions are listed below.
 
 ### CiviCRM
-All configuration is in the standard Payment Processors settings area in CiviCRM admin (**Administer menu > System Settings > Payment Processors**).
-Add a payment processor and enter your *Publishable* and *Secret* keys given by stripe.com.
 
-## Installation
-**The [mjwshared](https://lab.civicrm.org/extensions/mjwshared) extension is required and MUST be installed.**
+Configure a Stripe payment processor in the same way as you would for any other payment processor in CiviCRM.
 
-**If using drupal webform or other integrations that use Contribution.transact API you should install the [contributiontransactlegacy](https://github.com/mjwconsult/civicrm-contributiontransactlegacy) extension to work around issues with that API.**
+All configuration is in the standard Payment Processors settings area in CiviCRM admin (**Administer menu > System Settings > Payment Processors**).
 
-The extension will show up in the extensions browser for automated installation.
-Otherwise, download and install as you would for any other CiviCRM extension.
+Add a payment processor, select "Stripe" as the type and enter your
+*Publishable* and *Secret* keys and your *webhook secret* from the Stripe Dashboard.
 
 ## Permissions
 
diff --git a/stripe.mgd.php b/stripe.mgd.php
index 486bf445bbdf5ec62f8a6140bccdd1caa2eac394..179edd28e81cbd78bcc87a48d1fda97b90174bd1 100644
--- a/stripe.mgd.php
+++ b/stripe.mgd.php
@@ -17,10 +17,9 @@ return [
       'class_name' => 'Payment_Stripe',
       'user_name_label' => 'Publishable key',
       'password_label' => 'Secret Key',
-      'url_site_default' => 'https://api.stripe.com/v2',
-      'url_recur_default' => 'https://api.stripe.com/v2',
-      'url_site_test_default' => 'https://api.stripe.com/v2',
-      'url_recur_test_default' => 'https://api.stripe.com/v2',
+      'signature_label' => 'Webhook Secret',
+      'url_site_default' => 'http://unused.com',
+      'url_site_test_default' => 'http://unused.com',
       'billing_mode' => 1,
       'payment_type' => 1,
       'is_recur' => 1,