Feature Updates 06/27/2024

Feature Updates 06/27/2024

OnlineGiving.org 2024 Q1/Q2 New Security Layers

Since our inception in 2014, OnlineGiving.org has been steadfast in prioritizing the security of both church and donor accounts. Our dynamic security system undergoes regular updates and is supported by a dedicated team to ensure seamless church giving. Over the past decade, the OnlineGiving.org platform has consistently improved its threat protection and detection capabilities. With the integration of artificial intelligence technologies, we are delighted to introduce additional security layers that provide enhanced protection as a key advantage of using the OnlineGiving.org platform.  OnlineGiving.org is continually adding new layers. Please keep in mind these new security layers are built on top of our existing layers. While we are unable to disclose specific technical details for security reasons, we are eager to share a high-level overview of the significant security enhancements implemented in 2024 for your benefit.

NEW Double Encryption Technology Added to All Transaction Processing, Custom Form, and Control Panel Login Features

We are excited to announce that we have added double encryption technology to all transaction processing, custom form, and control panel login features. This new feature enhances security by encrypting the form submission data before sending it to our backend, effectively adding an extra layer of encryption protection. The form submission process is now pre-encrypted and then uses HTTP/TLS encryption, ensuring the entire process is double-encrypted. This enhancement provides better protection against man-in-the-middle attacks and can confuse all but the most sophisticated attackers.

NEW Security through Obscurity Technology Added to All Transaction Processing, Custom Form, and Control Panel Login Features

OnlineGiving.org uses various layers and methods for account protection as part of its security approach. We have improved the security of transaction processing, custom forms, and control panel login features to confuse attackers using custom bots. This is achieved by employing a security measure that involves shuffling internal form one-time-user tokens with intentional distractions, obscurity, and mixups to deter attackers.

NEW AI-assisted Recaptcha Detection Technology Added to All Transaction Processing, Custom Form, and Control Panel Login Features that require Recaptcha

Due to the uptick in the speed of AI technologies to complete Recaptchas in under 9 seconds, new AI-assisted Recaptcha detection technologies have been added to allow OnlineGiving.org to trace the use of both invalid and valid Recaptcha submissions across our entire platform. Thresholds are now present and tracked with various requirements to ensure that when Recaptcha is required, it's not being abused by AI-assisted technologies and that it is instead verifying real humans.

NEW Anti-Bot Signature & Advanced Browser/TSL Fingerprinting Detection Technology Added to All Transaction Processing, Custom Form, and Control Panel Login Features

Our security system at OnlineGiving.org is designed to assess the quality of incoming network connections by conducting a comprehensive risk check within milliseconds of each new page load. Our goal is to prioritize privacy, ease of giving, and maintain high security. Additional restrictions or "not a robot" features are activated when a high-risk connection is detected as part of our risk analytics features. This ensures that donors using clean and common connections can give without restrictions or inconveniences, while only those with risky connections are subject to restrictions.

We have enhanced our measures for high-risk connections by implementing advanced Anti-Bot signature and browser/TSL fingerprinting technology. This technology is specifically designed to identify sophisticated bots on the internet that attempt to mimic human behavior. It can dynamically adapt based on the user's risk level. It protects against highly advanced bots that attempt to mimic human behavior through randomized mouse control and automated browser integration to bypass security systems.

NEW Anit-AI Administrative Technology Added to the Control Panel Login Feature

We're pleased to announce the OnlineGiving.org control panel login feature has been upgraded this year with anti-AI technology designed to stop AI-driven attacks that mimic real user integration. This new technology uses many technologies designed to catch bots, personal attackers, AI-assisted credential stuffing, and much more.

The updates above are a high-level summary of the most interesting new security features we've implemented in 2024. However, loads of new security features have also been implemented this year, and they all work together to protect the church and donor accounts! We cannot comment on technical specifics in the feature release information. Churchs may email support@onlinegiving.org if they have specific technical questions about our security updates, and we'll be happy to disclose much more detailed information. 

Related Blog "Is Your Giving Solution Managed and Monitored?" https://www.onlinegiving.org/support/is-your-giving-solution-managed-and-monitored

NEW OnlineGiving.org Payments Administrator Permission

We are excited to introduce an update that introduces a new administrator permission in the control panel called "Payments Administrator." This new permission allows the church to designate a control panel administrator with restricted access to features within the payments control panel section. These features include Payments Dashboard, Products, Product Collections, Product Pages, Checkouts, Sales Tax, Payments, and Payment Settings.