You can upload your organization's logo and a stylesheet for your standard forms. These are used when your website doesn't have a security certificate or reCAPTCHA hasn't been enabled in Bloomerang CRM, and Bloomerang CRM hosts your form.
Anywhere you have placed a standard form, donor see one of these buttons instead of your form:
Register
Donate
Join
Donors click the button to open your Bloomerang-hosted form. Both the form and the Bloomerang CRM website are secure, so your donor can be confident that personal information is safe.
Note: Bloomerang CRM only hosts standard forms.
Forms and Security Risks
Here's how a transaction works: A donors enters information into a form, clicks Donate, and enters credit card data into a separate form from Spreedly. The information is sent over the Internet to the credit card processor. If the form, website, or credit card processor doesn't encrypt the donor's information, a malicious third party could intercept it. The transaction forms (such as online giving or event registration) created by Bloomerang CRM are secure, and the credit card processor is secure, too. If you place a form on an unsecured website, however, the donor's information becomes vulnerable to a man-in-the-middle attack.
Placing a transaction form on an unsecured website also puts your organization at risk. When you sign an agreement with the credit card processors used by Bloomerang CRM, you agree to be PCI compliant. Not having a security certificate puts that compliance at risk. Bloomerang-hosted forms mitigate that risk.
Increase Your Security
Installing a security certificate makes your site secure. It also enables you to host customized forms on your website without your donors seeing scary "insecure website" warnings. Contact your website provider to purchase a security certificate, and then follow its instructions to publish the certificate on your site.
CAPTCHAs (Completely Automated Public Turing Test to Tell Computers and Humans Apart) also help protect against online fraud. ReCAPTCHA is Google's free method of determining that whoever is filling out an online form is actually a human, not a computer. This helps prevent abuse of your forms. ReCAPTCHA detects suspicious behavior and prevents the form from being submitted. CAPTCHA must be enabled in Bloomerang CRM in order to put a form in self-hosted mode or add a form to your organization's website. Read ReCAPTCHA for more information.
Use the Hosted Form
Bloomerang recognizes that not every nonprofit organization has the resources to purchase and maintain a security certificate. To help these organizations and protect their donors, Bloomerang CRM hosts basic transaction forms. If you want to continue using hosted forms, simply create, edit, and place your forms on your site as usual.