Is Jotform PCI compliant?

  • Profile Image
    Asked on June 01, 2017 at 04:41 PM

    I have a client who is interested in moving off of Fromstack to JotForm. Our main concern, and the reason we are leaving Formstack, is PCI compliance.


    Is Jotform PCI compliant?


    Please let me know.


    Thanks you,

    Joe Lindsay

  • Profile Image
    Answered on June 01, 2017 at 06:38 PM


    Jotform is PCI DSS complaint and has a PCI service provider level 2 certificate, however we do not collect credit card information in our servers. If to collect payment is needed through our forms, it is a must to add a Payment Integration. Our payment integration API's are provided by PCI compliant services, which means that we do not process the information, it is transmitted securely according to set standards by the payment service to their servers.

    Some of the API's use sophisticated methods to collect and encrypt the information.

    We provide a very high security throughout our provider's hosting  servers for stored data. We got a very powerful cloud of servers whose storage is encrypted which provides security protection against malicious attacks like SQL injection and Denial of Service (DOS).

    I hope this information helps.