There is a site called www.mysite.com
. It uses Qgiv for taking donations and has some HTML5 data-attributes like:
<div class="qgiv-embed-container visible-lg-block" > data-qgiv-embed="true" data-embed-id="1" data-embed="https://secure.qgiv.com/" ></div>
where the payment information (card details) is collected.
There is no SSL/TLS for www.mysite.com
and it is relying on Qgiv for collecting payment information.
Is such a site where I can enter payment information to donate secure? I know Qgiv has a secure certificate, but have not donated in the past to a site not using SSL which uses data-attributes to embed information from Qgiv. The organization used to use Paypal but now has switched to Qgiv.
The organization running the site is open to feedback from donors, but they need to be told clearly why their current set-up may not be compliant with PCI standards.