A security refresher in honor of National Cyber Security Awareness Month
Since 2004, October has been National Cybersecurity Awareness Month. The President of the United States and Congress dedicated the month to public and private sector collaboration and awareness around the importance of cybersecurity.
As a digital fundraising company, we maintain the cybersecurity of our tech and processes as a year-round focus. However, we are glad to use this month as a welcome opportunity to refresh everyone about our ongoing security protocols and the preventative measures that can be taken in addition to them.
General safety guidelines
The US Cybersecurity and Infrastructure Security Agency (CISA) envisions a safer, more trusted digital world. It has shared four simple steps that everyone can take to stay safe online at home, work and school. These include using strong passwords, reporting phishing attempts and keeping software updated on your devices. Learn more about CISA’s general safety guidelines.
Fundraise and donate safely
We at Give Lively feel strongly about privacy, security and transparency too. At every level of what we do, we spare no effort to ensure data privacy and security in accordance with the law, best practices and what is right.
In broad strokes:
- We and our nonprofit members never directly see or store any donor payment information. Saved payment details are captured by and stored securely in a third-party payment processor without passing through our servers.
- With any data we do collect and retain, we take every reasonable action to protect against its loss or misuse, both in transit and at rest. While in transit, it is protected using end-to-end encryption and SSL protected web pages (see more below). At rest, it resides in encrypted databases, where we store data for as long as required. Critically, we never sell, rent or lease it to third parties.
- We acknowledge and respect donors’ right to control their data. We set store by the spirit of the California Consumer Privacy Act and the stricter standards of the European Union’s General Data Protection Regulation (GDPR), both of which govern data protection and privacy, and we comply with them where possible. For more regarding this, see our Master Service Agreement, Terms of Use, and Privacy Policy.
- We enforce end-to-end encryption and SSL protected web pages. You may have noticed that the hyperlink address to your fundraising page starts with "https". In layman's terms, a hyperlink starting with HTTPS means that the page is secure. Even when our platform is embedded as a widget on a page that does not include "https" in the hyperlink, the platform is still secure.
Take a closer look at our data security and privacy measures.
Protect against credit card testing
Regardless of the actions we at Give Lively take to keep you safe, you should, as a best practice, stay in the habit of keeping an eye out for potentially fraudulent activity on your fundraising pages. One reason to stay vigilant is to prevent credit card testing.
Also known as “carding,” “account testing” and “card checking,” credit card testing is how criminals determine if illegally obtained credit card numbers – bought on the dark web, stolen or collected through phishing and spyware – are valid for fraudulent use.
The testing is accomplished by attempting low-value online purchases or donations through a merchant’s or nonprofit’s website. The details of any card discovered to be viable (those that haven't been canceled) are then used for larger purchases.
Nonprofits, especially those with a well-established public profile, are sometimes selected for credit card testing because less information is needed to process a donation than a typical e-commerce purchase, and donations can be as low as $1, a transaction minimum that might be easily overlooked by card holders.
Read more about several measures Give Lively has implemented to forestall credit card testing.
There are several voluntary actions you can take to protect your nonprofit and donors. Learn what you can do to protect against credit card testing.
Whether you're using Give Lively to raise money for your nonprofit or you're using the platform to donate to your favorite cause, you can rest easy knowing that it is secure. Read more about how strongly we feel about privacy, security and transparency.
If there is ever any reason to believe that Give Lively and its technology are not doing what they should or that the security of an account has been compromised, please contact us immediately at support@givelively.org.