Securing nonprofits' digital contribution data

October 03, 2019 12:00 AM
  • Securing nonprofits' digital contribution data

Online fundraising is steadily becoming a popular mode of fund collection for nonprofits. It is considered cost-efficient and convenient to implement and process. This has automatically gained more attention for digital contributions in the space of social good. A research published earlier by Stanford Social Innovation Review (SSIR) reveals an increase in the amount of individual donor revenue from 17 to 24 percent in just two years. It also noted that two in five donors donate online.

This gives social sector organizations the incentive to invest heavily in fundraising platforms to increase their inflow of donations. And many nonprofits are implementing donation gateway directly on their organization's websites.

However, the solution to one problem has raised another. When users conduct digital transactions online, there is a threat from parties of malicious intent,  who target users and their personal data. Due to simple and static donation forms, non-profits are, unfortunately, becoming the primary targets for hackers. Even the checkout pages of many nonprofits are not complex enough when compared to e-commerce sites.

Sean Chisholm, vice president of Classy crowdfunding platform has shared in a blog post regarding online malicious activities on the nonprofit donations, "There’s no dynamic shopping cart functionality to contend with, which means that it’s a lot easier for credit card rings to write automated scripts that can churn hundreds or thousands of stolen cards through a page every day. Plus, visitors can input any donation amount that they want on a nonprofit checkout form. This lets fraudsters easily test transaction limits on stolen cards. In short, the very features that make nonprofit donation pages easy to use for legitimate donors also make them attractive targets for credit card rings."

To keep your donor's data safe you could implement the following steps

  • Nonprofits should conduct risk assessment even if it hasn’t experienced a breach. This would help safeguard them from future threats.

  • Most nonprofits lack a  dedicated IT team to ensure the security of its online system. In such cases, help of data protection technologies can be sought. Nonprofits could use PCI DSS-complaint as data protection solution provider which comes with multi-factor authentication, credit card, bank security, IP security, and donor fraud protections.

  • Nonprofits should integrate encryption management tools that help transact secure communications

  • Implementation of a well-defined and clear policy for data protection

  • Limit staff members that has access to donor data

  • Nonprofits should implement tokenization, this would make it very difficult for attackers to gain access to donor data.

Share this:


Get the latest news from the social good space by signing up to our newsletter.

Submit an Idea

Do you have an idea for an app related to social good? Exceptional ideas will be considered for funding by Vodafone Foundation.


Case Studies

Miitti Image 68410
By Kavitha Srinivasa Miitti has been conceptualized to scale up...
Schooglink image 66689
By Kavitha Srinivasa From being an Electronic Design Automation (...
Crowdfunding brings relief to NGOs logo 54434
By Kavitha Srinivasa   Introduction Impact Guru’s unique...
Tech Tool to Create Social Impact 54428
Outline India (OI) is a Gurugram based for-profit social research...
An app for eco-friendly cooking logo 22715
Kavitha Srinivasa Introduction Kitchens in semi-urban and rural...


theteacherapp activities image
By Kavitha Srinivasa What prompted you to give up investment...
Hear2Read activities image
By Kavitha Srinivasa Impressionable Age Google Playstore...
Safecity Interview Banner
By Kavitha Srinivasa As sexual violence is a global issue — since...
By Kavitha Srinivasa It is not every day that one comes across a...
Zeleno - Throw Trash, Save Cash logo
By Kavitha Srinivasa Gaurav Joshi, a professional working in a...