Custom Donation Form

Options
We are adding some custom CSS and js  files served by Amazon in our LO form, and we are including an HTML form which action is the Luminate Donation Api. Is there any security concern about including these files and adding this HTML form?
Tagged:

Comments

  • Erik Leaver
    Erik Leaver ✭✭✭✭✭
    Ancient Membership Facilitator 4 Name Dropper Photogenic
    If I understand the question correctly, you are proposing using the Luminate Donation API on a page on your website.


    Using the Donation API puts added security burden on your organization -- including additional PCI compliance steps since the credit cards are being input into a resource you own & manage. So be sure to investigate your responsibilities before you go live.


    I would be sure to review all of your options for guarding against fraud in Luminate (your LO settings depends on your merchant) and would highly recommend installing a CAPTCHA on the donation form to help improve security. 


    If you take those steps, you should be in good shape. 
  • Erik Leaver:

    If I understand the question correctly, you are proposing using the Luminate Donation API on a page on your website.


    Using the Donation API puts added security burden on your organization -- including additional PCI compliance steps since the credit cards are being input into a resource you own & manage. So be sure to investigate your responsibilities before you go live.


    I would be sure to review all of your options for guarding against fraud in Luminate (your LO settings depends on your merchant) and would highly recommend installing a CAPTCHA on the donation form to help improve security. 


    If you take those steps, you should be in good shape. 

    Hi Erik,  Let me clarify that the Luminate API is an action within the form/wrapper hosted on convio.  

Categories