- poppysoapAsked on July 23, 2012 at 08:31 PM
Hello, I am creating a form where the user will enter credit card information. Of course, this needs to be encrypted. This is how I embed the form on my shopify website:
Can you verify that the form is secure and properly encrypted for this type of use? What type of encryption is it using? I noticed that the page in which it is embedded does not have https:// in its header (just the regular http://) but firebug shows that the form action is: https://submit.jotform.ca/submit/21928732397262/ (there is a https://). Is this form secure?
- poppysoapAnswered on July 23, 2012 at 09:13 PM
Would it also help if I make the page URL https:// i.e:
Would that be sufficient?
- jeanettebmzAnswered on July 24, 2012 at 12:25 AM
I was not able to enter into your site, because it is password protected one
Please follow this guide:
Go to Setup & Embed > Embed Form
Choose Source then select the "Secure Form" check box
All the various embedding options will now be updated ready for use on your website.
Please check this guide for complete details
- poppysoapAnswered on July 24, 2012 at 12:35 AMSo, from the discussion here:
if my page does not start with https then I cannot embed the form there? Or
do you mean that if I embed the form in a webpage that does not start with
https it is not secure? I assume I cannot simply change the link to that
page from http to https and expect it to be secure, right?
- jeanettebmzAnswered on July 24, 2012 at 12:46 AM
You need to change the embed code of the form to the secure URL http://secure.jotform.com/form/formID, as explained on the guide. This way, it will submit encrypted data to our servers
Like the guide also explains
If you don't have a secure webserver (i.e your website's address doesn't start with https) and you embed a secure form into the webpage, the end user's web browser will report the connection as not being entirely secure. In these instances, it may be better to provide a link to the form using its JotForm URL.
That means it doesn't matter if your webiste's URL doesn't start with https, it will always submit securely, but in order to avoid web browsers warning on the user's end, it will be good to just provide a link (the secure link) to the form