3 Replies Latest reply on Nov 5, 2017 7:19 PM by Sanford Whiteman

    Using a form to accept credit card payment/or an e-signature

    Chrissy Johnson

      We are trying to use a Marketo form to capture an online order - something totally new for our company.  Has anyone created a Marketo form to capture credit card information and a signature or integrated with any outside software for credit card payments or e-signature software?

        • Re: Using a form to accept credit card payment/or an e-signature
          Josh Hill

          I answered this on another thread.

           

          Marketo is NOT PCI compliant. Please do not ask for SSN or CC numbers using Marketo. Strongly suggest a different payments or order system for ecommerce. Most will integrate with marketo using the API.

          1 of 1 people found this helpful
            • Re: Using a form to accept credit card payment/or an e-signature
              Chrissy Johnson

              Thanks Josh - I searched the community before posting but must not have found that particular thread. I didn't have high hopes for using a Marketo form.  Do you have any recommendations/systems that you've used? 

                • Re: Using a form to accept credit card payment/or an e-signature
                  Sanford Whiteman

                  You can integrate Chargify securely into a Marketo form (or any HTML form), together with a Marketo webhook to authenticate the transaction when it is complete. Note that this integration does not result in any credit card data being sent to or stored by Marketo at any time. The transaction is performed by Chargify, and Marketo only retains the record that there was a valid transaction.

                   

                  A developer must be retained for such a project to make sure there aren't any inadvertent data leaks, nor that a lead can forge a successful transaction (if that gives them extra access to anything on the Marketo side). If done correctly, it is secure.

                   

                  You will also (naturally) have to be running SSL on any page that hosts such a form, since even though you aren't storing or processing data on the initial form the lead should be wary of entering any data that appears to be ecommerce-related.