The best way to collect online donations is for donors to use your donation form. This way, financial data is transmitted directly to the payment processor securely, it's kept private, it decreases the liability for your church, and it removes the chance of your staff making errors.
Outside of emergency situations, we suggest you avoid collecting, storing, or manually processing card information.
Having donors write their full card number, expiration date, and CVV code on an envelope is effectively like handing over a copy of their card. In the past few years, there have been growing concerns with credit card fraud.
Security breaches involving cardholder data have been widely publicized and are becoming more and more common. It's particularly risky for debit cards since real, irrecoverable money can be stolen from a donor if the number were to leak.
If you handle donor credit cards, VISA, MasterCard, and American Express require that you do so in a PCI compliant way. If your donors use the online donor interface in PCO Giving to donate, your church is able to take credit card donations without handling the credit cards themselves. In fact, PCO Giving doesn't even store them. They go straight to Stripe, which is a fully PCI compliant payment processor.
When you take down credit cards on paper, you enter a world of compliance concerns. How long you store that paper, the paper's chain of custody, and even the type of shredder that is used to destroy it are all things you have to worry about.
Here are two major trends happening in the charitable giving world. First, people are using credit and debit cards to donate a lot more than cash and check.
Many donors just don't carry checkbooks and cash around. Secondly, people are becoming increasingly aware that identity theft and credit card fraud is a legitimate concern in today's world. Donors want secure ways of using their cards.
Keeping the points above in mind, if you have a donor contact you directly with their card information, you can manually process an online donation by following these steps:
If you need to manually process an online donation, start by collecting the card number, expiration date, CVC number from the donor. Then add the information you've collected to the Pay Methods tab on the donor's profile.
The donor must have an email address in their profile before you add a payment method. This ensures that the donor can be contacted if their donation or payment methods require attention.
After the payment method is added, add a new donation from the Donations tab of the donor's profile.
Select the card or bank account that you want to use for the donation, enter the amount, funds, and labels that apply to the donation, and then click Submit.
ACH Bank accounts must be added and verified by the donor, but once verified, it can be used to initiate a donation from the donor's profile.
The donation will be immediately sent to Stripe to be processed, and the donor receives a receipt for the transaction.