This article details security aspects of the Funraise Giving Form. Learn more about Funraise platform security.
The Funraise Giving Form transmits donor information through an encrypted SSL connection. SSL, or Secure Sockets Layer, is the standard security technology employed globally to protect sensitive information by e-commerce, financial, and media institutions like Amazon, Paypal, and Facebook.
Does my website need to be SSL secured?
Funraise Giving Forms transmit information over SSL and retain security best practices and standards even if a Giving Form is embedded on a website which is not protected by SSL. Whether or not, your website is secured by SSL - every donation through a Funraise Giving Form is SSL secured. Although, we do encourage every organization to deploy their website over an SSL connection as it enhances brand trust and improves search engine optimization.
Furthermore, credit card data never touches Funraise servers. Funraise never receives donor credit card information and we can never access credit card information. The PCI scoped fields (credit card number, cvv) are handled by our credit card tokenization partner Spreedly which protects that data in a highly secure vault. Spreedly is a PCI Level 1 Service Provider - which is the highest level of PCI DSS compliance available.
The Payment Card Industry Data Security Standard, or PCI DSS, is a proprietary information security standard for organizations that handle branded credit cards from the major card including Visa, MasterCard, American Express, Discover, and JCB. The PCI Standard is mandated by the card brands and administered by the Payment Card Industry Security Standards Council. Validation of compliance is performed annually.