diff --git a/app/controllers/checkout_controller.rb b/app/controllers/checkout_controller.rb
index 0b9de7a174..d5f2e0ffee 100644
--- a/app/controllers/checkout_controller.rb
+++ b/app/controllers/checkout_controller.rb
@@ -239,27 +239,6 @@ class CheckoutController < Spree::StoreController
   end
 
   def permitted_params
-    params.permit(
-      order: [
-        :email, :special_instructions,
-        :existing_card_id, :shipping_method_id,
-        payments_attributes: [
-          :payment_method_id,
-          source_attributes: payment_source_attributes
-        ],
-        ship_address_attributes: permitted_address_attributes,
-        bill_address_attributes: permitted_address_attributes
-      ],
-      payment_source: payment_source_attributes
-    )
-  end
-
-  def payment_source_attributes
-    [
-      :gateway_payment_profile_id, :cc_type, :last_digits,
-      :month, :year, :first_name, :last_name,
-      :number, :verification_value,
-      :save_requested_by_customer
-    ]
+    PermittedAttributes::Checkout.new(params).call
   end
 end
diff --git a/app/services/permitted_attributes/address.rb b/app/services/permitted_attributes/address.rb
new file mode 100644
index 0000000000..4fd7908297
--- /dev/null
+++ b/app/services/permitted_attributes/address.rb
@@ -0,0 +1,11 @@
+module PermittedAttributes
+  class Address
+    def self.attributes
+      [
+        :firstname, :lastname, :address1, :address2,
+        :city, :country_id, :state_id, :zipcode,
+        :phone, :state_name, :alternative_phone, :company
+      ]
+    end
+  end
+end
diff --git a/app/services/permitted_attributes/checkout.rb b/app/services/permitted_attributes/checkout.rb
new file mode 100644
index 0000000000..c5bda0739a
--- /dev/null
+++ b/app/services/permitted_attributes/checkout.rb
@@ -0,0 +1,34 @@
+module PermittedAttributes
+  class Checkout
+    def initialize(params)
+      @params = params
+    end
+
+    def call
+      @params.permit(
+        order: [
+          :email, :special_instructions,
+          :existing_card_id, :shipping_method_id,
+          payments_attributes: [
+            :payment_method_id,
+            source_attributes: payment_source_attributes
+          ],
+          ship_address_attributes: PermittedAttributes::Address.attributes,
+          bill_address_attributes: PermittedAttributes::Address.attributes
+        ],
+        payment_source: payment_source_attributes
+      )
+    end
+
+    private
+
+    def payment_source_attributes
+      [
+        :gateway_payment_profile_id, :cc_type, :last_digits,
+        :month, :year, :first_name, :last_name,
+        :number, :verification_value,
+        :save_requested_by_customer
+      ]
+    end
+  end
+end