The best way to collect online donations is for donors to use your donation form. This way, financial data is transmitted directly to the payment processor securely, it's kept private, it decreases the liability for your church, and it removes the chance of your staff making an errors.
Outside of emergency situations, we suggest you avoid collecting, storing, or manually processing card/bank information.
It's not secure
Having donors write their full card number, expiration date, and CVV code on an envelope is effectively like handing over a copy of their card. In the past few years, there have been growing concerns with credit card fraud.
Security breaches involving cardholder data have been widely publicized and are becoming more and more common. It's particularly risky for debit cards since real, irrecoverable money can be stolen from a donor if the number were to leak.
It's not compliant
If you handle donor credit cards, VISA, MasterCard, and American Express require that you do so in a PCI compliant way. If your donors use the online donor interface in PCO Giving to donate, your church is able to take credit card donations without handling the credit cards themselves. In fact, PCO Giving doesn't even store them. They go straight to Stripe, which is a fully PCI compliant payment processor.
When you take down credit cards on paper, you enter a world of compliance concerns. How long you store that paper, the paper's chain of custody, and even the type of shredder that is used to destroy it are all things you have to worry about.
It discourages giving
Here are two major trends happening in the charitable giving world. First, people are using credit and debit cards to donate a lot more than cash and check.
Many donors just don't carry checkbooks and cash around. Secondly, people are becoming increasingly aware that identity theft and credit card fraud is a legitimate concern in today's world. Donors want secure ways of using their cards.
Keeping the points above in mind, if you have a donor contact you directly with their credit, debit, or bank account information, you can manually process an online donation by following these steps:
1. Add Card/Bank Account Information
If you need to manually process an online donation, start by collecting the following information from the donor:
- For credit or debit card: card number, expiration date, CVC number
- For bank account: account holder name, account type (individual, business), routing number and account number
When you add bank account information, the donor will still need to verify the information from their end. This process requires 3-5 business days to complete.
Then add the information you've collected to the Pay Methods tab on the donor's profile.
2. Create a New Donation
After the payment method is added and verified, add a new donation from the Donations tab of the donor's profile.
Select the card or bank account that you want to use for the donation, enter the amount, funds, and labels that apply to the donation, and then click Submit.