Client Input Forms - Collecting payment details
We've launched a new feature which allows you to collect your client's information. We're super-proud of this new way to get those important customer details in one quick step.
You'll be able to collect shipping information, addresses, phone numbers, names, and more.
To make sure you don't put your client or your business at risk, we need to warn you about collecting sensitive info. Sensitive information are things that can hurt your client if they got out, like banking info or SIN/SSNs.
Payment apps, such as Stripe, use crazy-powerful encryption measures to protect your information. We do have encryption in-app, as well as strong security for sending and viewing content. It is also safe to collect basic or public information through these forms. For now, though, we don't have the kind of security where we can say it's safe to collect sensitive info.
We're doing what we can to protect you and your client by blocking credit cards. If a customer tries to enter a credit card number, we'll throw a warning saying we don't allow this. As an added step, we’ll purge that text from our servers the moment they click out of the text box.
Also, if you ask for a credit card number in the editor, we'll throw a warning your way letting you know this won't work.
We’re not able to filter other risky items, though. Things like bank account numbers are too close to other numbers to filter. Even though we can’t filter it, asking for that info is still a bad idea. Think to yourself: "if this got out, how much damage would it cause?"
We still have some great uses for client input forms. Info that's public (addresses, names, phone numbers, etc), or apply only to you (invoice number, etc) are good. If your client's tee-shirt size gets leaked, the worst damage possible would be to their ego.
For now, we recommend sticking to our existing invoicing and payment integrations.