JotForm is thrilled to announce we’re now Payment Card Industry Data Security Standard (PCI DSS) Service Provider Level I certified, the highest security attainment you can have as a business that collects payments from, and integrates with, credit cards.
We’re proud to be the first, and the only online form building platform to provide the highest level of data security possible to our users. Here’s a short summary of what that means.
What is PCI compliance?
In a nutshell, PCI compliance is the security standard set by the major global credit card companies, including American Express, Discover, JCB, MasterCard, and Visa.
Why is Jotform PCI compliant?
Jotform had previously been certified as PCI DSS Service Provider Level 2, but as the volume of integrated payments increased, it became a necessary step to upgrade to the highest level of security. Companies that hit a transaction threshold are ultimately held to higher security standards, and rightly so.
Does Jotform process credit card information?
We don’t. Instead, we trust our terrific payment integration partners to do the processing for us. However, we still wanted to provide additional reassurance that we’re doing the most we possibly can to ensure safe, secure payments. And because so many users take advantage of our payment integrations (more than 20 now!), it was a necessary step to achieve the next level of security certification.
Why is Level One significant?
Jotform has been Level II certified for a while now, but the new designation means that we’ve passed several tests required for certification. This includes a penetration test, internal scan, and an annual report on compliance by a third party security assessor, among other requirements.
Our PCI Certificate of Compliance validity start date is Sep. 15, 2018.
UPDATE: Our PCI Certification of Compliance has been renewed. New certification is valid until Sep. 14, 2022.
Your security will always be a top concern of ours at JotForm. Feel free to ask any questions that you may have!