When using the interface to Authorize.net, which application vendor (JotForm, or Auth.net) hosts the fields for credit card details?

  • Profile Image
    WheatonCollegeForms
    Asked on April 24, 2019 at 09:37 AM

    We are looking into using Authorize.net.  Our security team has the following question:

    When using the interface to Authorize.net, which application vendor (JotForm, or Auth.net) writes the code that renders the HTML Input field that collects the card data on the form that appears in the browser?  I am looking to understand whether JotForm is using an iFrame from Auth.net, or has written their own explicit code, which then calls an API on Auth.net.

    Thank you.

    Sandy Nielsen, Wheaton College

  • Profile Image
    Victoria_K
    Answered on April 24, 2019 at 11:59 AM

     Hello Sandy, 

    We do not process payments, this part is handled by a payment processor, Authorize.net in this case. Payment information provided by users does not land at our servers, it goes directly to Authorize.net. Credit Card fields are hosted by payment processors as far as I know. 

    https://www.jotform.com/blog/pci-dss-service-provider-level-i-compliant/