SSL Secure Web Form Processing by SecureCompanion.com

SSL SecureForm functions by hosting your contact or booking form on the SSL-enabled SecureCompanion.com domain. Companions are able to build, maintain and visually customize forms to match their website. Once active, forms are processed securely over an encrypted connection between their visitors computer and the server. As the submission reaches the server, individual form data is encrypted using an Advanced Encryption Standard and stored in that companion's client database. At this point, the SecureForm system notifies you of a submission at whatever email you have the form configured to send to.

Feature Highlights

SSL Secure Booking Example

There are three primary methods companions can use to receive form data:

Method 1: SSL Submission & Encrypted Storage Only

With this option, visitors submit their form data over an SSL secured connection from their computer to the server. Once processed, individual form data is encrypted using an Advanced Encryption Standard (AES) and stored in your client account database. Data decryption takes place dynamically in your browser after you login to your client portal. At no point is raw, unencrypted form data ever stored on the server. This option is the most secure and assumes you have your form configured to only send you notice that a submission has been made, with little or no sensitive data being sent with that notification email. To view/decrypt form submissions, you would login to your SecureCompanion.com Client Portal.

Method 2: SSL Submission, Encrypted Storage and Email Delivery

This option includes everything in Method 1 but with the form configured to send you a full or partial copy of all form data via email. Although form data is submitted securely over SSL to the server, this option is less secure unless you are sending to an email address hosted on the server. The reason for this is that individual field data emailed to you will not have that extra level of encryption and will no longer be transmitted over an SSL connection once it leaves the server for delivery to your off-server email address. A recommended configuration with this option is to only have the notification email send non-sensitive data, such as the sender's email address and date/time requested. At that point, you can login to your SecureCompanion.com account to decrypt and view the full submission.

Method 3: SSL Submission Only

This option applies to anyone using SecureForm v2 or lower. Visitor submissions are sent securely from their computer to the server and are immediately forwarded to your email address without data being stored in encrypted format locally. This is the least secure method unless you are sending to an email address hosted on the server, as there is no control over what data you choose to be delivered to an off-server email address and individual form data is not encrypted.

How a form is submitted:

  1. A visitor goes to your contact page and clicks on your Secure Booking Form link, which will open your form in a new window. You also have the option of embedding forms directly within your pages, though a pop-up link is recommended for easier access to mobile visitors.
  2. Your secured contact form opens over an encrypted, SSL connection and is submitted securely to the server after they fill out their information and hit send.
  3. If you are using SecureForm v2 or lower, the form submission is sent securely to the form processor, which identifies you and submits to your email address
  4. If you are using SecureForm v3 or newer, the form data is encrypted using AES and a unique KEY, then stored in your client account database. Depending on how you have the form configured, the system will notify you of a submission or forward a full or partial copy of form data to your email address.