PCI Compliance: Cost-Effective PCI-Compliant Form Access for Solo Travel Advisor

susan98 · 2026-04-15T15:23:07-04:00

I’m a solo travel advisor currently using JotForm for client agreements and authorizations. I’m reaching out to request guidance on adding PCI‑compliant form access to my account in the most cost‑effective way. I book travel (primarily cruises) on behalf of my clients, and suppliers require me to enter the client’s full credit card number, expiration date, and CVV directly into their booking systems. Because of this, I need a secure, PCI‑compliant method to collect card details. Important details about my process: • I already have a signed Credit Card Authorization from each client granting permission with specific restrictions. • Card details are collected only after a quote is approved. • The information is used one time solely to book the approved travel. • I do not store credit card data, email it, or reuse it. • Card data is deleted immediately after booking. • I am the only person accessing the information (no team members). I understand this requires a PCI‑compliant JotForm (pci.jotform.com). Because my usage is limited and single‑user, I’m hoping you can recommend the lowest‑cost plan or PCI‑only option that would meet this need without enterprise‑level features. Thank you very much for your help and guidance.

susan98

Asked on April 15, 2026 at 3:23 PM

I’m a solo travel advisor currently using JotForm for client agreements and authorizations. I’m reaching out to request guidance on adding PCI‑compliant form access to my account in the most cost‑effective way. I book travel (primarily cruises) on behalf of my clients, and suppliers require me to enter the client’s full credit card number, expiration date, and CVV directly into their booking systems. Because of this, I need a secure, PCI‑compliant method to collect card details. Important details about my process: • I already have a signed Credit Card Authorization from each client granting permission with specific restrictions. • Card details are collected only after a quote is approved. • The information is used one time solely to book the approved travel. • I do not store credit card data, email it, or reuse it. • Card data is deleted immediately after booking. • I am the only person accessing the information (no team members). I understand this requires a PCI‑compliant JotForm (pci.jotform.com). Because my usage is limited and single‑user, I’m hoping you can recommend the lowest‑cost plan or PCI‑only option that would meet this need without enterprise‑level features. Thank you very much for your help and guidance.
Podo: Support Specialist

Replied on April 15, 2026 at 3:23 PM

Hi susan98,

Thanks for reaching out to Jotform Support. I'm an AI assistant here to assist you.

Based on the information available, forms cannot be used to collect credit card information. This restriction is stated in Jotform’s Terms of Use, and if fields are added to collect this information, the account may be suspended.

For payment-related use cases, the available guidance says you can integrate forms with payment gateways if you want to sell products, subscriptions, or collect donations. It also says that when a customer makes a payment through a payment form, the transaction is between the payment gateway and the payer, and Jotform does not store credit card information.

For PCI certification details, the available information says that if you want to receive the AOC document, you can send an email to governance-compliance@jotform.com, and there is also a page about Jotform’s PCI DSS Service Provider Level I compliance.

I do not have information in the knowledge base about a lowest-cost PCI-only plan or a specific plan recommendation for your use case.

Let us know if you have any other questions.

Your Reply