Hi Christine -
So the first thing your client will need to understand is that by having your credit card data on paper in a locked filing cabinet, you're at just as much risk as if you have it in SharePoint under a completely permission-trimmed library, On-Prem. With SharePoint, you can set it up to see every user who has looked at / accessed the data - can't do that with paper.
3 Reasons Electronic Records are Safer Than Paper | Laserfiche
That being said.
You could potentially encrypt the credit card numbers when they are submitted (think of a regex tool of some kind where it turns each number into a string of letters or something), and then decrypt them when they are requested by the approved credit card gatekeeper. Not sure if there's an encryption tool - I am sure there is a webservice but then you are passing your data outside of a known secure system and that's unlikely to be a good move.
You could also send the sensitive information up into an SQL db (which users may view as more secure), delete it from the list item, and retrieve it as required by that approved / locked down user, having several gates to pass through. You could even password it (Retrieve if Password = something, otherwise, don't allow.) unofficially.
Do I recommend any of this? Nah. They should be using a secure payment system, not pass around peoples details on paper nor via SharePoint.
I'd be interested to know if this is a feature that has been requested for integration Euan Gamble -- I can certainly think of areas where I'd make use of it.
I have had a few requests for a payment gateway solution to be added to Nintex Forms, but we do not have a solution at the moment. I would recommend looking around at the different web based payment gateway services and see which one may meet your functional and security requirements - there are a few out there.
Thanks to you both Rhia Wieclawek and Euan Gamble for the insight. I kind of had the feeling that it would best be done through a secure payment gateways due to all the legal rules and regulations around payments..
Euan Gamble, any recommendations for the other payment gateways? may be something simple and quick to setup?
Also, I'm wondering can we do the form using Nintex and just for the payment can we redirected to that other web? I'm assuming it is possible.. sorry I'm just new to all this.
Euan Gamble On another note regarding the need to have an integration feature or online payment feature in the future for Nintex.. This organization alone, that I'm currently working with, have at least 15 forms (LIVE and internal forms) that require online payments. If we discussed with all the other organizations whom we've implemented nintex, I'm pretty sure they will raise the need for it.
It would be wonderful to have this bumped up for implementation.
Hi --
At this point, I think - if online payment is a must have - I'd recommend embedding a PayPal embed code into the HTML below the form, in the SP page. I'm certain there must be a way to do that.