By Gina Calvert

Plaid Lawsuit? 5 Ways Your Giving System Should Protect Your Givers’ Data

The Plaid lawsuit has heightened concerns that churches and givers have about the security of online giving.

We have those same concerns! That’s why we created Vision2 to avoid headlines like these.

More than ever, it’s important to make sure you offer secure online giving through an online giving provider that protects your giver in these ways:

Doesn’t require more information than is necessary

The first place to start is with Guest Checkout. Most online giving vendors require an account. But some Guest Checkout features still require givers to provide “account” information.

Doesn’t use a separate payment processor

When your givers make a donation, they encounter 1) the church website 2) an online giving vendor and 3) a payment processor’s site. (Learn more about this process here.)

Vision2 operates invisibly, so givers encounter only the church’s website. They stay on your site to complete their gift. We also remove the payment processor from the equation by being our own payment processor. This is a significant investment that allows us to keep your givers’ information safe from additional third-parties. So your givers encounter ONLY the church.

At least one giving vendor we know of that is also a payment processor uses that investment to “own” your giver. That is, their relationship is with the giver, not just the church. Givers are redirected to the processor’s site to complete their gift. And the processor retains the right to use or sell data, refuse refunds and check your givers’ credit reports. The church has no jurisdiction if there is a problem…your giver has to take it up with the payment processor.

Doesn’t require your givers’ bank credentials in order to process ACHs

The Plaid class action suit alleges that “Plaid obtained more financial data than was needed by a user’s app, and (2) obtained log-in credentials (username and password) through its user interface, known as “Plaid Link,” which had the look and feel of the user’s own bank account login screen, when users were actually providing their login credentials directly to Plaid.” (Source). It should be noted that Plaid denies these allegations.

But this is indisputable: On Plaid, givers must populate up to 24 screens with their information in order to set up an ACH transaction. Ultimately, this process (that was designed to allow givers to avoid credit card fees) can result in more fees for frustrated givers as they sometimes resort to card transactions. (Or loss of funds for the church as they abandon their gift.)

Vision2 givers can complete the their ACH gift in 4 easy, privacy-protecting steps.

Restricts exposure from staff and volunteers who don’t need access to sensitive data

Vision2 helps with this in two ways:

  1. Our software contains role-based permissions so you can determine who has access to givers’ information.
  2. Neither your staff or Vision2 personnel can access payment method information in any readable, usable format.

Carries insurance against financial loss in the event of a breach

We’re confident in the design of Vision2 to protect givers and churches, but with a mission to serve churches, we would be remiss if we didn’t plan for the unthinkable. Our insurance policy covers loss due to data breach. This is not a standard practice. For example, Planning Center Online’s agreement with churches includes an indemnity clause absolving them of any responsibility. They transact gifts through payment processor Plaid.

Vision2 is 100% committed to protecting your members’ information

It’s not enough to know just your online giving provider; you must also be aware of your payment processor. As both, Vision2 is dedicated to maintaining the highest security measures. We are here to serve you and your givers through these protocols:

Download these Vision2 Security Protocols or reach out to us here (or below) to explore more ways Vision2 can help your ministry.