Is Paypal integration safe via non secure JotForms if I host with Wix?

  • Profile Image
    Asked on May 02, 2015 at 08:23 PM

    Hi, I am hoping to integrate my Paypal Merchant buttons into JotForm, but I have a concern regarding the security of JotForm transactions, because my website is hosted on Wix, which does not allow to add an SSL certificate to its sites, so, there are no security features on my end to ensure that payments are secure.

    Would JotForm provide that security, or should I look into embedding Paypal buttons directly into my site so that the customer gets redirected to the secure Paypal payment website?

    Thanks in advance!

    PS Can I use my custom HTML generated by Paypal if I do integrate my Paypal buttons into JotForm, or would I have to go through a JotForm version of Paypal integration?

  • Profile Image
    Answered on May 03, 2015 at 02:17 AM

    Form SSL works independently. When you embed the secure form to your Wix page using iframe embed code, the form will be placed in an iframe container so even if your page doesn't support SSL, the form will be processed securely as long as you use https://secure with your form.

    If you do not use SSL encryption in your Jotform, then the whole form (including the payment tool on it) is NOT SSL encrypted.

    But since the payment tool is integrated to 3rd party payment gateway, upon submission of the non-SSL Jotform, the redirection to the payment gateway (i.e. Paypal) will now become SSL encrypted (https). You will noticed this in the payment screen which usually is the redirection destination. You will see that the payment screen will now be using https in its URL.

    I would suggest to you to use SSL Jotform forms.

    Hope this will help. Let us know if you need further assistance. 

  • Profile Image
    Answered on May 03, 2015 at 09:26 AM

    Thank you!

    Forgive me if I am being dense (I am just very new to this), but if I use the iframe embed option, AND the SSL JotForm, then the payments are definitely secure, regardless of what the security settings of my website are?

    Thank you in advance!

  • Profile Image
    Answered on May 03, 2015 at 10:24 AM

    If you embed a secure form in your HTTP site, the information entered into this form will be secure, but the information from your site will not be secure.

    In such as case I would recommend you providing a link to the secure form in your site to point to the secure URL, this way visitors will be able to see that the URL they are visiting is actually secured.