For Braintree payment, Jotform requires me to fill in Braintree Merchant ID, Public Key and Private Key. Are these stored in Jotform's database?

  • Profile Image
    nextacademy
    Asked on September 08, 2017 at 02:33 AM

    Are the keys stored in Jotform's database in plain text? How secure is it and how can I be sure who has access to these keys in Jotform?

  • Profile Image
    omur
    Answered on September 08, 2017 at 04:26 AM

    Hello Nextacademy,

    Thank you for bringing this up.

    The Merchant ID, Public Key and Private key are all required to initiate a form with payments. Without them, a form with Braintree payments would not work.

    You can read the details at this page:

    https://articles.braintreepayments.com/control-panel/important-gateway-credentials#api-credentials

    All of your data is securely stored on our servers and there shouldn't be any reason for concern really.

    If you still have questions feel free to write us.

    Thank you

  • Profile Image
    nextacademy
    Answered on September 08, 2017 at 04:30 AM

    Hi omur, 

    Would you say that anyone that has access to those 3 details would be able to do anything with our Braintree account though? 

  • Profile Image
    omur
    Answered on September 08, 2017 at 04:38 AM

    Well the only thing that could be done theoretically is to charge money to your account but practically nobody has access to those details so I don't see any reason for concern.

    In either way, it is required for the integration to work properly. Without them, JotForm can not charge cards on your behalf.