Church Giving and Stewardship Blog | Vision2

Measures that Prevent a Security Breach in Your Giving Platform

Written by Hollie Murrin | May 7, 2024

We recently spoke with a church that lost nearly $100,000 through a breach of their giving platform. That money represents a loss to the good work the church does by serving its members and community.

However, the cost of breaches like this extend far beyond the immediate dollar value lost. The confidence of the church's givers has been impaired, which can lead to longer-term decisions of abandoning online giving including recurring schedules.

To help your church avoid being another victim of fraud, the following best practices can help you determine how well your online giving provider protects your givers:

Requires only necessary information

Guest checkout should be just that and not require your members to have an account to give. Unfortunately, many online giving vendors don't offer guest checkout or they require givers provide account-level information to use "guest checkout".

Givers only experience your church's website

When your givers make a donation, they encounter 1) the church website 2) an online giving vendor and 3) a payment processor’s site. (Learn more about this process here.)

Vision2 operates invisibly, so givers encounter only the church’s website. They stay on your site to complete their gift. Also, by making the investment to be our own payment processor, it allows us to keep your givers’ information safe from additional third-parties. 

Doesn't require unnecessary information to set up ACH

How your platform supports ACH givers is important, especially since a larger portion of their gift reaches your cause.  Red flags to watch out is if your giving platform: 1) Requests more financial data than is necessary, (2) Collects log-in credentials (username and password) for the donor's bank, often replicating the look and feel of the user’s bank account login screen to gain a false sense of security (3) Puts givers through a lengthy process of setting up ACH transactions. In fact, there are platforms that involve 20+ screens before the member can give, leading to much frustration and gift abandonment.

Mindful of these problems, Vision2 is designed so givers can easily complete the their ACH gift in a few secure steps.

Limits staff and volunteers access to sensitive data

The platform should  support role-based permissions that determine the level of access to givers’ information. Access to payment method information, in any usable format, should also be accessible by the platform's personnel.

Insured against financial loss in the event of a breach

Aligned with the ounce of prevention adage, the platform should plan for and be insured against the unthinkable, but that is not standard practice across giving platforms. With Vision2, our insurance policy covers loss due to data breaches to protect the church AND its churches.

Think your church and givers may be at risk?

If the above points have you concerned about your current giving platform, consider Vision2's dedication to maintaining the highest security measures. Focused on serving you and your givers, Vision2 offers an extensive set of protocols as outlined in our handout:


Directly-download these Vision2 Security Protocols  or reach out to us here to explore more ways Vision2 can help your ministry.