What is JotForm?
JotForm is a free online form builder which helps you create online forms without writing a single line of code. No sign-up required.
At JotForm, we want to make sure that you’re getting the online form builder help that you need. Our friendly customer support team is available 24/7.
We believe that if one user has a question, there could be more users who may have the same question. This is why many of our support forum threads are public and available to be searched and viewed. If you’d like help immediately, feel free to search for a similar question, or submit your question or concern.
Can we POST to Authorize.net and have customers enter all their CC data there?Asked by Presscats on April 19, 2013 at 01:06 PM
I got the first version of our form finished and my business partner nearly had a meltdown. Since we aren't using SSL the form data, including the CC info was going in the clear to Authorize.net which is dangerous.
I know I can buy an SSL certificate for my website and use the SSL version of the forms to increase security but this too is not enough for my business partner. We have another system for online ordering that takes all the order data and POSTs a total out to Authorize.net and redirects customers to their site for secure payment, then redirects them back with the appropriate Accept or Decline notification. Is there any way to do something like this with your system? To create an order with a subtotal then instead of having them input the CC info on our page, send them with their subtotal and order ID to Authorize for payment?
There seems to be several ways Authorize.net could accomodate this...
Thanks for your help on this, I really like what I see so far and hope this can be a workable solution for us.
To create an order with a subtotal then instead of having them input the CC info on our page, send them with their subtotal and order ID to Authorize for payment?
I am not sure if what you are looking for is this one. In our Authorize.Net payment field, there is a property that allows "Authorize Only", set this to YES and it will allow your transaction to have options stated on this article http://www.authorize.net/support/merchant/
Please inform us if this not sufficient to what you need.
I'm sorry I wasn't clear. What I object to is the entry of credit card data on our web page. What I would like to happen is to have all the product selection details available but none of the Payement details. Keep everything from "Select your options to check out" all the way to "Total" but remove all the Credit Card and Billing info.
Then when they click submit they are sent to Authorize.net to complete their payment there. We don't want to have any responsibility for credit card data, PCI compliance, etc. We use Authorize.net because they do all that for us.
We do not have such integration with the Authorize.Net.
However, you can have completely secure Authorize.Net payment form with us. We do have the SSL option on our forms, and our Authorize.Net integration is completely valid and secure, it is based on their official API. When you accept credit card information on the form it is being forwarded to their service, so we do not store any sensitive billing information on our servers.
Note: There is no need in purchasing additional SSL certificate for your website when you use our SSL form.
Please feel free to contact us if you need any further assistance.
Although you use SSL and all that because the payment data is done on your website you are in scope to adhere for PCI complience.. sadly.. The only real way to NOT have PCI issues is to send users to their site for payment entry and then take them back like paypal does.
Thank you for your input. Your statement is correct, as we do not have PCI compliance. Nevertheless, our payment tools function with API's provided by PCI compliant online payment services.
We do not process the information, it is transmitted securely according to set standards by the payment service to their servers, via SSL. We do not store the payment details on our end.
I'm running into the same issue as Presscats and would prefer to have the same functionality. You currently do this with Paypal, why not with Authorize.net?
With Auth.net, I can integrate their DPM with a WooCommerce Shopping cart and put all the credit card info at auth.net. Why can't JotForm pass the same info?
The reports in JotForm are much cleaner then WooCommerce, so I would prefer to stay with JotForm, just because of this.
In order to better address your concern and possibly raise it as a feature request, I have moved your post to a new thread:
We will be supporting you there, shortly. Thank you.