Subsplash is trusted by thousands of leading organizations around the world. Security is a top priority for us and, as such, Subsplash Giving is always secure and uses industry-standard security, encryption, and best practices.
Tip! To learn more about our security standards, click here.
To improve the security of your website we recommend using SSL. You can always link to Subsplash Giving from your website whether your website uses SSL or not.
For the ideal scenario, you should consider placing your Subsplash Giving embed on a secure page within your website that has SSL enabled. Keep in mind that regardless of your website, Subsplash Giving is secure. This is simply a tip for you to enhance your website.
What is a secure page? It has an SSL (Secure Sockets Layer) for encrypting data. Any website with a green padlock and https is secure.
SSL provides three important security benefits:
Privacy: SSL encrypts browser/webserver connections in order to securely transmit and prevent any unauthorized viewing of sensitive information.
Data integrity: SSL prevents unauthorized users from changing or altering data during transmission.
Authentication: SSL protects against imitation (for example, a replica of the web page redirecting to a malicious site) by requiring web server proof of identity.
Additionally, using SSL may help your page load faster!
Embedding Giving on an SSL page is important for two main reasons:
Donors are often deterred from donating when they see an unsecured page.
Remember, Subsplash Giving is ALWAYS secure. When a donor enters an amount and clicks “Next,” a new tab opens up, showing the secure environment.
However, when it’s embedded on an unsecured page, security isn’t visible at first glance and often deters people from even taking the first step of entering a donation amount.SSL certificates help prevent hackers from copying the interface of your giving embed page and redirecting donors to an unsecured, malicious site.
How do you get an SSL certificate?
The tools below are available from third parties which are not affiliated with Subsplash. They are provided for your convenience.
For Subsplash Websites, we have our own natively built-in solution for you to use! Check out How do I secure my site?
Check with your website provider first! Most providers address SSL in their Help and FAQ, and many will manage the installation for you if needed.
Wordpress encrypts all traffic on custom domains hosted on Wordpress. Check out their FAQ about SSL and HTTPS on their servers.
Squarespace has a helpful FAQ and offers free SSL certificates for all Squarespace domains.
Amazon Web Services provides SSL certificates for free if you host your site on AWS.
If you do not host your website with one of these providers, here are some SSL providers we suggest looking in to (no affiliation with Subsplash!)
Let's Encrypt is a free (donation optional) automated, and open certificate provider by non-profit Internet Security Research Group (ISRG.)
Do you have more questions about security, Subsplash Giving, and/or SSL? If so, please reach out to us.