Good day!

Click & Pledge is PCI Level 1 certified and all applications go through extensive review prior to release so don't worry about security from application to application since they are all tested the same way.

The mobile payment form is an iFrame page since we have to show it within your own URL and the SSL key cannot be changing from client to client. The payment page is similar to the web pages you use for your website.

The QR Code is simply the URL and it takes the patron to the page. A QR Code is nothing but another representation of a text URL but since it may be scanned with a camera it is a quick way to go to a link instead of typing it. So a QR Code has nothing to do with the payment or can possibly have any security implications.

All communication is 256 bit encrypted and it is as secure as a website since it is the same security and the same platform. The form is just smaller for the mobile. If you open the link to a mobile payment page you will see that it is secure:

here is an example: https://co.clickandpledge.mobi//defa...4537&wid=41738

Same secure environment and same system. Just looks different.

I hope I have answered your questions. Please let us know if we can be of more help.