-
JrlichtAsked on January 3, 2020 at 9:38 PM
Hi,
If you have the time I have a quick question... I understand that JotForm is secured via SSL. Can you point me in the right direction regarding the security of data transfers from JotForm?
My workflow currently looks like Jotform --> Zapier --> Copper.com.
I can't encrypt the data transfer from Jotform because Zapier doesn't currently have the functionality to decrypt the data.
Do you know what other users do with secure information (Specifically Social Security Numbers)? Any information you can provide me would be helpful. Thank you.
-
AshtonPReplied on January 4, 2020 at 12:32 AM
Can you point me in the right direction regarding the security of data transfers from JotForm?
Jotform has a very powerful cloud of servers whose storage is encrypted and provides security protection against malicious attacks like SQL injection and denial of service (DDOS) attacks. All of our SSL certificates support high-grade 256-bit encryption. Our forms embed codes and the default links we provide are 100% using the HTTPS protocol (SSL) by default. Therefore, the data transmissions from the person who submits the information to our servers are done in an encrypted manner.
I would suggest you check this guide as well.
https://www.jotform.com/help/344-Encrypted-Forms-and-How-to-Use-Them
Here is a guide on how to receive SSL submissions: http://www.jotform.com/help/63-How-can-I-receive-SSL-Submissions
If you want your form user to know that their data will be sent securely, you can add enable security certificate seal in your form. Here is a guide which you can refer: http://www.jotform.com/help/131-Enabling-Security-Certificate-Seal-on-Secure-Forms
I can't encrypt the data transfer from Jotform because Zapier doesn't currently have the functionality to decrypt the data. Do you know what other users do with secure information (Specifically Social Security Numbers)? Any information you can provide me would be helpful. Thank you.
I would like you to visit the following thread to know more about securing sensitive information:
Thread link: https://www.jotform.com/answers/579678-Securely-transmitting-form-data
I hope this helps. Please let us know if you need any additional assistance.
-
JrlichtReplied on January 4, 2020 at 6:50 PMHi,
Thank you for this information. I read through the links you provided.
The part about adding a security certificate seal was very helpful, thank
you. I still have a remaining question.
My question is pertaining to Server to Server transfers from Jotform -->
Zapier --> Copper. I understand that the data transfer from the end user
to Jotform server is secure.
For server - to - server transfers, my issue is that although I can encrypt
the data transfer from Jotform, the receiving platforms don't have an easy
way to decrypt the information.
We are assuming that the authentication tokens are encrypted, so that data
should be encrypted, but we are unsure.
Based on the forums, there are a number of other use cases that are running
into this issue. Do you see any security issues with collecting sensitive
data like social security numbers, then subsequently transferring that data
via Zapier?
Thanks.
... -
AshtonPReplied on January 4, 2020 at 10:06 PM
Thank you for giving us more clarification on the issue!
My question is pertaining to Server to Server transfers from Jotform --> Zapier --> Copper.
Unfortunately, there is no solution for this.
For server - to - server transfers, my issue is that although I can encrypt the data transfer from Jotform, the receiving platforms don't have an easy way to decrypt the information.
When encryption is enabled, the data is already encrypted before it is sent to the Jotform server. So when the form is integrated with any apps, they'd get the encrypted data and there's no way to decrypt it since the encryption key is only stored in your browser locally.
Do you see any security issues with collecting sensitive data like social security numbers, then subsequently transferring that data via Zapier?
While you can create the integration to Zapier and send the data to it, please note that the data is encrypted on the side of the user submitting the form. Therefore, the same encrypted data will be passed to your integrations.
As such, the data itself is rather useless on the integration end since you will not be able to use it, unless, you have a way to decrypt the data on the side of that integration. This may be possible using some services, but this is not something we cover.
Hope this helps!
Let us know if you need any additional assistance.
-
AshtonPReplied on January 5, 2020 at 12:04 AM
I suggest you also refer this thread below if in case it helps you:
Thread link: https://www.jotform.com/answers/1755528-How-to-Decrypt-Encrypted-Forms-through-API
Regards.
- Templates
- Integrations
- INTEGRATIONS
- See 100+ integrations
- FEATURED INTEGRATIONS
PayPal- Slack
- Google Sheets
- Mailchimp
- Zoom
- Dropbox
- Google Calendar
- Hubspot
- Salesforce
- See more Integrations
- Products
- PRODUCTS
- Form Builder
- Jotform Enterprise
- Jotform Apps
- Store Builder
- Jotform Tables
- Jotform Inbox
- Jotform Mobile App
- Jotform Approvals
- Report Builder
- Smart PDF Forms
- PDF Editor
- Jotform Sign
- Jotform for Salesforce Discover Now
- Support
