How Secure is Jotforms with SSL?

  • Profile Image
    Asked on June 30, 2010 at 04:46 PM
    I'm not a web developer, I just have basic HTML/Java/css skills. I am using Apple's WYSIWYG web page builder called iWEB. It has a feature called HTML snippets where you can insert widgets onto your page. I've been using Jotform to create widgets, which has been working great, by the way.My question is: I just upgraded my url to have basic static SSL encryption - I still need to get the certificate and change my DNS server to the static IP that it assigns. Once I have the site SSL protected, how secure is JOTFORM's merchant form? I will most likely use Authorize.Net or PayPal Pro so that clients can pay their bill on-line. When people enter their credit card info on my site, how much risk will there be for a 3rd party being able to access the sensitive information? I am assuming I will need to change the jotform to https and also probably need to open the html pages created by iweb and change those from http to https? Is that it, is it that easy? Or am I in over my head :) ? - ThanksPS - I will most likely iframe the payment page within the front page - so there will be three layers (the front page which will load a frame within it which is the payment page and on the payment page will be a widget - the jot form merchant).
  • Profile Image
    Answered on July 01, 2010 at 08:38 AM
    No, I think these are great questions. What we basically do is to send the information entered to the merchant API and do not keep a copy of it in our database, emails or even our server logs. We simply transfer the information securely to Paypal/ etc and only check if the payment goes through successfully. 

    We basically do not keep any sensitive information in our servers. We also send the sensitive information securely to the Paypal/ API.

    Of course, you should use the secure JotForm form URL on your page. So, the form code you enter to the HTML snippet should point to the secure