Online Tithing: Balance Convenience with Security

As finances move more and more into the digital world, online giving has emerged as a convenient option for accepting donations. Just as ministries protect the tithes they receive in the offering plate on Sunday mornings, they should take care to protect online gifts and donors.

The primary issue to consider is the storage of financial information. When a church stores its donors’ credit card numbers or bank information, it becomes responsible for guarding that information. If someone steals the information and runs up fraudulent charges, the church could be legally obligated to pay for the damages. The church also may be required to notify donors of the data breach, which takes time and money.

Choose a Reputable Vendor

When searching for a reputable partner, be sure to look for:

  • Data encryption. Ask each vendor how it guards customers’ data. A secure partner will use Secure Socket Layer (SSL) encryption, which protects information from online thieves. When a site has an SSL Certificate, a padlock appears on the donor’s Internet browser bar, indicating that the transaction is secure. Vendors should certify that they comply with Payment Card Industry (PCI) Data Security Standards, a set of guidelines that help keep financial information secure on the Internet. Request a certificate of compliance from vendors each year to verify that they continue to follow PCI standards. It’s possible that a ministry could be held responsible if it fails to ensure that online giving systems are PCI compliant.
  • Security notifications. Online donations should always be routed directly into ministry bank accounts. If someone makes changes that route the donations elsewhere, your vendor should notify multiple people to verify that the changes are legitimate.
  • Options for forms of payment. Some ministries choose not to accept donations via credit card, opting instead for e-checks and bank drafts, which do not involve debt. Choose a partner that gives your ministry options when it comes to the forms of payment it will accept.
  • Donor access to their giving records. Some providers allow donors to view their online giving records on demand. This convenient feature adds a layer of transparency to the process.

As you weigh your options, ask colleagues from other ministries for referrals. You also may want to ask the vendor for referrals from its other ministry customers. These referrals can give you a better idea about the vendor’s reputation and work quality. Also, remember to evaluate any fees that the vendor will charge. Once you choose a vendor, ask your ministry attorney to review any agreement before signing.

Remember the Basics

Your ministry probably already takes steps to protect the checks and cash that come in the offering plate each Sunday. Many of these traditional anti-fraud measures can be applied to online donations, too. Consider these steps:

  • Reconcile donation reports with banking statements. Your donations software should produce reports that detail the amounts given online. Compare this report with your banking statements to verify that all online donations are being deposited correctly.
  • Send reports to multiple people. Keep several sets of eyes on the ministry’s financial records, including online donation reports. This can help you quickly respond to honest mistakes and suspicious activity.
  • Use strong passwords. As with any banking or accounting technology, use strong passwords and keep them hidden to help prevent unauthorized access. If possible, use multi-factor authentication, which requires users to enter more information than just a username and password to gain access. Only share passwords with those who need them.

Want to learn more about how to protect your ministry's finances? Check these additional resources from Brotherhood Mutual Insurance Company: