Announcement

Collapse
No announcement yet.

Issues with our donation account

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Issues with our donation account

    Hi team,

    We are experiencing an issue with the new donation form. The donations are being declined. The issues with the new and old forms are attributed to blocking of your merchant account at TSYS. There were phishing attempts made on your account beginning 10/3/18. TSYS agents notated attempts to reach out to the contact on file (Taida Horozovic) regarding the use of a CAPTCHA to prevent the phishing attempts, but no reply is notated and therefore, the merchant account is blocked to prevent further attempted phishing.
    A CAPTCHA is not needed if you use one of our Connect forms through Click & Pledge, but you are using a completely custom form. Because you are using a custom form not hosted by Click & Pledge, we have reason to believe that security settings due not meet the minimum standard of expectations for security, although we will need for our developers to work with your developer to determine the cause of the issues within the custom form.
    Once the form is fixed with the help of our Developer Forum, we will then be able to reactivate service from TSYS, the merchant processor and you may then begin processing once more.
    1. 10/31/18 was when TSYS has notes that they left a voicemail, now that we have reviewed the information once more.
    2. 10/3/18 was when the phishing began
    3. Security settings within the custom form are what caused the phishing and TSYS to block the merchant account
    Please let me know if you need further information.

    Thank you!

  • #2
    Hello PAN,

    We are a bit unclear of the purpose of your post, it sounds like:
    • You had a custom form that became the target of phishing attempts.
    • Our partner bank, TSys, reached out to Taida to explain they were blocking the account.
    • You may have reached out to us in some unspecified channel, and were referred to this forum.
    • You need to either modify your existing form or need to create a new form using our system in order to have your account unblocked.
    If you are asking for assistance with your existing custom form, we can refer you to Premium Support, as this would require review and modification of your existing code.
    Your next step would be to contact Premium Support, provide them a link to your existing form, and they can provide you a quote on what might be required to resolve.

    If you are asking for assistance to create a more secure form, please review the Quick Start Video: Create Mobile-friendly Donation Form. I would recommend this strategy, as it will be easier for your organization to modify the form or make changes to it going forward. It will require someone who has access to change your website, as the existing links will need to be redirected. If you need assistance logging into Connect, the online portal for your C&P Account, please let me know.
    Your next step would be to review the video, and work with your website manager to plan how to publish the new form.

    If you are asking that your Merchant Account be reactivated, your next step would be to provide a link to your payment form, so we can verify that there have been changes made to improve its security, and we will contact TSys about removing any barriers on your account.

    Sincerely, Amanda
    Customer Advocate


    Regards,
    Click & Pledge Support Department

    On Salesforce? Help us by rating our app: Click & Pledge Donor Management on AppExchange

    Join us @ the educational webinars: https://clickandpledge.com/webinars/
    Live Support available Join between 3:00 - 3:30 p.m. ET Monday - Thursday: https://clickandpledge.com/webinars/
    Are you on Salesforce? Join us at the Power of Us Hub: https://powerofus.force.com/0F980000000CjpC

    Comment


    • #3
      Hi, we have several issues:

      1. How to stop the donation from a phishing source
      2. How to create u custom form that is not based on a C&P template, that is compliant and secure. Does the video cover that?

      Thanks!
      Taida


      Comment


      • #4
        Generally the concept behind stopping a form from being a target for phishing is to add security features that will stop automated bots from submitting the form, like captcha.

        The video covers creating a form using our form builder in Connect, and those forms are secure. They are custom in the sense that you can modify most of the design aspects of the form. The templates do not include C&P branding, so I'm not sure why this could not be an option for you. Once you've designed the form in the form builder, it can be published by directly linking to it, or embedding it using our provided code on a secure site (that is not to suggest the form itself is not secure, only that if it's embedded into an insecure site, the website's visitors' browsers will recognize that aspects of the page are insecure, and display it as an insecure site.)

        A FaaS form allows web programmers to build forms that send values directly to our API. We often refer to them as 'custom forms' because the web programmer has complete control of its appearance through the code.

        Could you provide a link to the form you need to replicate so we can advise further?

        Regards,
        Click & Pledge Support Department

        On Salesforce? Help us by rating our app: Click & Pledge Donor Management on AppExchange

        Join us @ the educational webinars: https://clickandpledge.com/webinars/
        Live Support available Join between 3:00 - 3:30 p.m. ET Monday - Thursday: https://clickandpledge.com/webinars/
        Are you on Salesforce? Join us at the Power of Us Hub: https://powerofus.force.com/0F980000000CjpC

        Comment

        Working...
        X