How can I verify that the form is properly encrypted?

  • Profile Image
    poppysoap
    Asked on July 23, 2012 at 08:31 PM

    Hello, I am creating a form where the user will enter credit card information. Of course, this needs to be encrypted. This is how I embed the form on my shopify website: 

    <script type="text/javascript" src="https://secure.jotform.ca/jsform/21928732397262"></script>

    Can you verify that the form is secure and properly encrypted for this type of use? What type of encryption is it using? I noticed that the page in which it is embedded does not have https:// in its header (just the regular http://) but firebug shows that the form action is: https://submit.jotform.ca/submit/21928732397262/ (there is a https://). Is this form secure?

  • Profile Image
    poppysoap
    Answered on July 23, 2012 at 09:13 PM

    Would it also help if I make the page URL https:// i.e:

    https://poppysoapco.myshopify.com/pages/wholesale-application

    Would that be sufficient?

  • Profile Image
    jeanettebmz
    Answered on July 24, 2012 at 12:25 AM

    I was not able to enter into your site, because it is password protected one

    Please follow this guide:

    Go to Setup & Embed > Embed Form
    Choose Source then select the "Secure Form" check box



    All the various embedding options will now be updated ready for use on your website.

    Please check this guide for complete details

    Best regards

    Jeanette

  • Profile Image
    poppysoap
    Answered on July 24, 2012 at 12:35 AM
    So, from the discussion here:
    http://www.jotform.com/answers/29757-If-I-don-t-have-a-https-website-what-do-you-mean-when-you-say-I-can-gi
    if my page does not start with https then I cannot embed the form there? Or
    do you mean that if I embed the form in a webpage that does not start with
    https it is not secure? I assume I cannot simply change the link to that
    page from http to https and expect it to be secure, right?
    Thanks.
    Alan
  • Profile Image
    jeanettebmz
    Answered on July 24, 2012 at 12:46 AM

    You need to change the embed code of the form to the secure URL  http://secure.jotform.com/form/formID, as explained on the guide. This way, it will submit encrypted data to our servers

    Like the guide also explains

     If you don't have a secure webserver (i.e your website's address doesn't start with https) and you embed a secure form into the webpage, the end user's web browser will report the connection as not being entirely secure. In these instances, it may be better to provide a link to the form using its JotForm URL.

    That means it doesn't matter if your webiste's URL doesn't start with https, it will always submit securely, but in order to avoid web browsers warning on the user's end, it will be good to just provide a link (the secure link) to the form