- rsynetzerAsked on April 03, 2018 at 06:35 AM
Is there any facility within Jotform to restrict a user or sub-user's ability to use payment apps?
The reason I ask, is we'd like our admin staff to be able to create forms, but only authorised managers to link payment accounts. This is to prevent anyone trying to link a form with their own accounts.
- JotForm SupportliyamAnswered on April 03, 2018 at 09:17 AM
Unfortunately, there is no control for sub-users to be prevented by the parent-user from using payment fields.
To clarify, do you mean to say that the sub-users are entering their own accounts in the payment gateway which you wish to prevent?
Good to know - I didn't think as much.
What I mean is that potentially, a member of staff could link a form to an unauthorised payment account and commit fraud. We are looking to reduce our internal risk of this happening by identifying areas of weakness and finding ways to strengthen our control over it.
However, in this instance, I don't believe there is a security solution from JotForm's point of view. Unless you can offer any other advice?
- JotForm SupportdavidAnswered on April 03, 2018 at 11:48 AM
Our view is that if a user is authorized to edit a form, they are a trusted user. If there is a possibility that your admin staff might commit fraud, it would not be advisable to share access to forms with them to begin with.