Jotform is PCI DSS Service Provider Level I Compliant

Last updated: September 13, 2024

Jotform is proud to announce we’re Payment Card Industry Data Security Standard (PCI DSS) Service Provider Level I certified – the highest level of security possible for a business that collects payments from, and integrates with, credit cards. In fact, Jotform has been PCI DSS compliant at the highest level dating back to 2018, and continuing to pass this standard with no exceptions is something we take pride in.

We’re proud to be the first, and the only online form building platform to provide the highest level of data security possible to our users. Here’s a short summary of what that means.

What is PCI compliance?

In a nutshell, PCI compliance is the security standard set by the major global credit card companies, including American Express, Discover, JCB, MasterCard, and Visa.

Why is Jotform PCI compliant?

Jotform had previously been certified as PCI DSS Service Provider Level 2, but as the volume of integrated payments increased, it became a necessary step to upgrade to the highest level of security. Companies that hit a transaction threshold are ultimately held to higher security standards, and rightly so.

Does Jotform process credit card information?

We don’t. Instead, we trust our terrific payment integration partners to do the processing for us. However, we still wanted to provide additional reassurance that we’re doing the most we possibly can to ensure safe, secure payments. And because so many users take advantage of our payment integrations (more than 20 now!), it was a necessary step to achieve the next level of security certification.

Why is Level One significant?

Jotform has been Level II certified for a while now, but the new designation means that we’ve passed several tests required for certification. This includes a penetration test, internal scan, and an annual report on compliance by a third party security assessor, among other requirements.

Our PCI Certificate of Compliance validity start date is Sep. 15, 2018.

UPDATE: Our PCI Certification of Compliance has been renewed. New certification is valid until Sep. 12, 2025.

Jotform is PCI DSS Service Provider Level I Compliant Image-1

Your security will always be a top concern of ours at Jotform. Feel free to ask any questions that you may have!

Was this article helpful?

Yes

We're sorry to hear that. What problem did you have with the article?

How can we improve this article?

What did you like best about this article?

AUTHOR

Chad Reid

Chad is a former VP of Marketing and Communications at Jotform. He’s also a frequent contributor to various tech and business publications, and an absolute wizard with a Vitamix. He holds a master’s degree in communication and resides with his wife and cats in Oakland, California.

RECOMMENDED ARTICLES

Announcing Workflows for Jotform Enterprise: Automate tasks, filing, and more

Announcing Jotform Workflows

How to create synchronized workflows with Jotform and Salesforce

Come see us at Dreamforce 2024

Webinar! Jotform for Salesforce: New features you need to know

Announcing 5 features to supercharge Salesforce + Jotform

Jotform earned 400+ review badges in 2023

Jotform is the No. 1 online form builder in G2’s 2024 Summer Report

Easily collaborate on Jotform data in Microsoft Teams

Announcing Microsoft Teams integration: Boost enterprise collaboration

Send Comment:

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Comments:

Cathy

106 days ago

Thank you very much!
Fole Williams

320 days ago

I am happy to be part of the business and hope to learn much from you
Brandi Clemons

More than a year ago

I'm glad to be a part of the platform as well I'm so excited
Jerome Jenkins Jr

More than a year ago

Glad to be a part of Jotform.
PHCC - NATIONAL

More than a year ago

Is this included in all subscriptions?

View Answer
Driss Meloui

More than a year ago

To yous'suited services topics others GDRP purposesame goldgateither respectifs personal data controls transfers to and third parties websites this see termed and conditions of time to time perfectshe at privacy policies.
Thanks to times.
Soporte Kuorum

More than a year ago

Hi. Is there a possibility to get the actual document of this certification? Here in the EU, all certifications should be accessible for customers to see. For example, in our business platform you can find the ISO/IEC 27001/2014 certification just by clicking on the logo shown in our website ().

View Answer
Ryan Hedlof

More than a year ago

Where can I find a copy of your AOC?

View Answer
Gurpreet Singh

More than a year ago

Dear Sir,
I am Gurpreet Singh Duggal Director of Discover Leisure Tours & Travels Pvt Ltd we are into travel agency business from past 30 years i have applied IATA Accreditation for our our Organization to get approval to issue ticket for our customers as per the Guidelines of IATA they require PCI DSS certification enable to get approval from them request plz tell your team to send your requirement on my E-Mail id info@dlttpl.com with concern person contact details to proceed further

View Answer
Gerry

More than a year ago

Does this apply to ALL of the PayPal options. For example, if I choose an option that collects credit card data on the form, and then embed that form on MY website, do i need to be separately PCI compliant, or does your compliance suffice?
Thanks
Drew

More than a year ago

Please call me ty 7274342264
David Dunston

More than a year ago

Good to watch
David Lowery

More than a year ago

I need a PCI DSS compliance attestation or certificate in our name for using jotform Authorize.Net as our checkout provider that I can send to the bank for my Merchant Account.

Can you please provide that to me. Thanks in advance...
Erwin de Leon

More than a year ago

i am currently involved in a project/program for state government that is trying to prove to the IRS and State Legislators that our state systems are PCI compliant. with the thousands of hours annually needed to provide this, i want to understand how your company can save state government time and money, and keep that time and money towards more meaningful state government work.

I also read a little about Aytekin Tank's life/leadership style and i like it. That's why i'm am contacting you.

Thank you,

Erwin de Leon

517 285 1989
First Parish Church Saco

More than a year ago

I am trying to contact you to change Our credit card number for autopsy. How do I get this done?
Carlos Ramirez

More than a year ago

necesito mas información gracias
boydackland

More than a year ago

Dear Sir, I was surprised to be advised that I was a spammer, and my query was blocked. I had lodged several queries about the difficulty in finding ways to do certain functions, for instance, how do I get to transfer people who have registered on Jotform, to my own business program. I have been unable to find any instruction to this effect. as a result, to transfer names and details, I must write it out and then type it into my own program listings. I wanted to get an instruction to this effect, only to be advised that your people believed it spam and so blocked. Is this how your company brag about no complaints?

Regards

Boyd Ackland ( customer over several years.)
BxClinic

More than a year ago

Congratulations!
Normaweaver

More than a year ago

need a generic minister ordination certifiate
danielmorganlaw

More than a year ago

Does your level 1 compliance now allow me to collect debit and credit card info and checking account numbers and routing numbers in the forms without having to immediately process a payment via one of your approved payment integration partners? (I ask because we prefer to manually enter our clients card information in the merchant account system ourselves.)
jesuspaul

More than a year ago

thank you , Congratulations
alalamyagroup

More than a year ago

Congrats
onmedicaltraining

More than a year ago

Congrats!!!!!
Lovemo

More than a year ago

Congrats
defjam903

More than a year ago

congrats