Author Profile Image


Aytekin Tank

Aytekin Tank is the founder of JotForm. He currently leads the JotForm development team. He loves to hear from JotForm users. Feel free to shoot him an email at aytekin at


Don’t miss out the latest posts!

PCI compliance

JotForm is Now PCI DSS Service Provider Level I Compliant

JotForm is thrilled to announce we’re now Payment Credit Industry Data Security Standard (PCI DSS) Service Provider Level I certified, the highest security attainment you can have as a business that collects payments from, and integrates with, credit cards.

We’re proud to be the first, and the only online form building platform to provide the highest level of security possible to our users. Here’s a short summary of what that means.

What is PCI compliance?

In a nutshell, PCI compliance is the security standard set by the major global credit card companies, including American Express, Discover, JCB, MasterCard, and Visa.

Why is JotForm PCI compliant?

JotForm had previously been certified as PCI DSS Service Provider Level 2, but as the volume of integrated payments increased, it became a necessary step to upgrade to the highest level of security. Companies that hit a transaction threshold are ultimately held to higher security standards, and rightly so.

Does JotForm process credit card information?

We don’t. Instead, we trust our terrific payment integration partners to do the processing for us. However, we still wanted to provide additional reassurance that we’re doing the most we possibly can to ensure safe, secure payments. And because so many users take advantage of our payment integrations (more than 20 now!), it was a necessary step to achieve the next level of security certification.

Why is Level One significant?

JotForm has been Level II certified for a while now, but the new designation means that we’ve passed several tests required for certification. This includes a penetration test, internal scan, and an annual report on compliance by a third party security assessor, among other requirements. 

PCI certificate

Your security will always be a top concern of ours at JotForm. Feel free to ask any questions that you may have!

Author Profile Image


Aytekin Tank

Aytekin Tank is the founder of JotForm. He currently leads the JotForm development team. He loves to hear from JotForm users. Feel free to shoot him an email at aytekin at

Send Comment


  • Erwin de Leon

    i am currently involved in a project/program for state government that is trying to prove to the IRS and State Legislators that our state systems are PCI compliant. with the thousands of hours annually needed to provide this, i want to understand how your company can save state government time and money, and keep that time and money towards more meaningful state government work.

    I also read a little about Aytekin Tank's life/leadership style and i like it. That's why i'm am contacting you.
    Thank you,
    Erwin de Leon
    517 285 1989

  • First Parish Church Saco

    I am trying to contact you to change Our credit card number for autopsy. How do I get this done?

  • Carlos Ramirez

    necesito mas información gracias

  • boydackland

    Dear Sir, I was surprised to be advised that I was a spammer, and my query was blocked. I had lodged several queries about the difficulty in finding ways to do certain functions, for instance, how do I get to transfer people who have registered on Jotform, to my own business program. I have been unable to find any instruction to this effect. as a result, to transfer names and details, I must write it out and then type it into my own program listings. I wanted to get an instruction to this effect, only to be advised that your people believed it spam and so blocked. Is this how your company brag about no complaints?
    Boyd Ackland ( customer over several years.)

  • BxClinic


  • Normaweaver

    need a generic minister ordination certifiate

  • danielmorganlaw

    Does your level 1 compliance now allow me to collect debit and credit card info and checking account numbers and routing numbers in the forms without having to immediately process a payment via one of your approved payment integration partners? (I ask because we prefer to manually enter our clients card information in the merchant account system ourselves.)

  • jesuspaul

    thank you , Congratulations

  • alalamyagroup


  • onmedicaltraining


  • Lovemo


  • defjam903


  • Symbolic


  • kijangweb


  • sipfriends


  • plansofelegance

    Does this new level of achievement change the scenario for companies that accept credit card authorization forms from clients, and then manually processes payments via a third-party's payment system? In other words, would my company be able to collect credit card info from our clients, without using one of your payment integration partners?