Are form submission and auto respond email sent back to user secure?

  • SSLFORMSONLINE
    Asked on October 21, 2020 at 4:50 PM

    Hi,

    I know that the form submitted to us is secure. Can you explain in technical details how it is secure?

    Also, is the auto respond email sent back to the client secure as well? Please explain the protocols on the email sent back to the client. Also is there a way to xxxx out private data when it is sent back?

    As of now, we have stopped using the auto respond “thank you” emails as a client has gone ballistic on us for his information being sent back to him and was not secure.

    We want to explain that you have a secure product but need your help with that. Also is any information kept on your servers and if so how is that protected?


    thank you.

  • Welvin Support Team Lead
    Replied on October 21, 2020 at 10:01 PM

    All your forms are served across a protected 256 bit SSL (Secure Socket Layer) connection that uses a SHA256 Certificate. It is the same level of protection used by online banking or e-commerce providers.

    Yes, all outbound and inbound connections are secured. We made sure it was the default for all our forms. In fact, one can't disable the security placed in the form.

    The autoresponder email will always contain a copy of the information submitted by your client. However, you can edit that and just add a message that would serve as their confirmation email aside from the thank you message page of the form.

    https://www.jotform.com/help/26-Setting-up-an-Autoresponder-Email

    Yes, all forms and data are stored on our servers, and they are also secured by the same level of security.

    We believe that we have laid out everything regarding our security through the following page: https://www.jotform.com/security/. Kindly check, and let us know if you want to clarify an item from the page.

    Thanks

  • SSLFORMSONLINE
    Replied on October 22, 2020 at 8:28 AM
    When you say all outbound connections are secure, does that mean the autorespond email is, in fact, secure? The crazy client has accused that “we exposed his private information to “the whole internet?””.
    Sent from my iPhone
    ...
  • Girish JotForm Support
    Replied on October 22, 2020 at 10:48 AM

    As mentioned by my colleague, the autoresponder email will contain the information entered by the client.

    However, since the data is received by the client at their end, anyone with access to the client's email can view the data. (other than that there is no option that data is visible to others)

    As prevention, what you can do is remove the email content of the autoresponder and enable the PDF attachment option on the autoresponder - https://www.jotform.com/help/503-How-To-Include-Submissions-As-PDF-Attachment-In-The-Email-Notifications.

    You can set up password protection on the PDF attachment also.