Client Input Forms: Collecting Payment Details
Looking to collect payment through client input forms? Read this first.
NOTE: The client input forms are available on our Teams plans and above. Check out the plans page by clicking here.
You can use client input forms to collect shipping information, addresses, phone numbers, names, and more.
To ensure the safety of your prospect and business, we need to warn you about collecting sensitive info; ie, things that could financially hurt your prospect if they got out, like banking info or SIN/SSNs.
Payment apps, such as Stripe, use powerful encryption tools to keep payment details private. We have encryption in-app, as well as tight security for sending and viewing content, so it’s safe to collect basic information through input forms. For now, though, we don't have the bank-level security to allow for safe collection of sensitive info.
We're doing what we can to protect you and your prospect by blocking credit cards. If they try to enter a credit card number, we'll throw a warning saying we don't allow this. As an added step, we’ll purge that text from our servers the moment they click out of the text box.
Also, if you ask for a credit card number in the Editor, we'll show a warning to advise that this won't work.
We’re not able to filter other risky items, though. Things like bank account numbers are too close to other numbers to filter. Even though we can’t filter it, asking for that info is still a bad idea. Think to yourself: "if this got out, how much damage would it cause?"
We still have some great uses for client input forms. Info that's public (addresses, names, phone numbers, etc), or apply only to you (invoice number, etc) are great things we can collect. If your client's tee-shirt size gets leaked, the worst damage possible would be to their ego.
For now, we recommend sticking to our existing invoicing and payment integrations.