Edit this page :: Discussion

Fundraising Planning

This chapter covers setting up and configuration of fundraising strategies and campaigns with CiviCRM. using CiviContribute.  CiviContribute allows you to track different types of contributions and search and report on contributions. Before reading this, you should have a basic knowledge of CiviCRM concepts including custom fields and searching.

CiviContribute Basics

Every contribution you receive can be categorized by type. Examples of contribution types include event fees, member dues, donations, and grants. Contribution types are useful because:

  • They are a way to organise the income and revenue brought in by your organization, for example to differentiate between a foundation grant and the income from in-kind donations.
  • They can aid integration with your accounting software by assigning an accounting code for each contribution type, which is included when you export contributions for import into your accounting package.
  • They help you search your database for contributions.

First, think about the types of contributions you receive as an organization and which of those you want to track using CiviCRM.  To configure contribution types, go to Administer CiviCRM » Contribution Types.  

Custom Data

CiviContribute has a set of pre-defined fields to track contribution information. If you need to track more information about contributions, you can define and use custom data fields.  Custom data might be useful to further categorize your contributions or track additional information.

For example, Healthy Environment Alliance of Utah (HEAL Utah) created a custom field for contributions called Contribution Category that lists every fundraising tactic they use throughout the year.  At the end of the year can quickly compare the success of different tactics - a very valuable bit of information for an organization that thrives on community support.  Below is a screenshot of the options they added to their custom field.

 customcontributionfield_heal

First consider all the information you want to track about your contributions and then carefully compare it with the pre-defined fields available in CiviCRM.  There's no point in creating your own custom fields if they already exist and lots of useful functionality is built in to the core contribution fields that you can take advantage of if you use them.

When deciding what data to collect, think carefully about what you need to know, and the reports you would like to run on your data.  This will help ensure that you don't collect data uneccesarily, and that and your data is usable in reports.

If you don't have CiviCRM installed, you can go look at the core fields on the CiviCRM demonstration site http://demo.civicrm.org/.  The fields are displayed on a contacts contributions tab: click on New Contribution, and review the pre-defined fields.

If you need to create custom contribution fields you can do so through Administer CiviCRM » Custom Data. When creating custom field sets for contributions you can associate them with all contribution types or assign them to a specific contribution type.

Reporting and Evaluation

When you begin your fundraising efforts with CiviCRM, think about the reports you'll need to evaluate how successful you have been.  Choose reports that let you see how processes can be improved and that can gauge the overall health of your organization.  For example:

  • Contribution totals for tactic A versus tactic B
  • Comparing dollar amounts by date range
  • Comparing first-time givers to repeat givers
  • Finding contributors who gave last year but are yet to give this year

Payment processors

A payment processor is a tool that integrates with CiviCRM to process the live credit card transactions. In other words, it accepts the credit card information submitted by your site visitor, processes it, and transfers money to your organization's bank account.  As of this writing, the payment processors compatible with CiviCRM include:

  • PayPal (website standard and pro)
  • Authorize.net
  • PayJunction
  • Google Checkout
  • Moneris eSelect Plus 
  • Elavon / Nova
  • eWAY
  • PayJunction
  • PaymentExpress
  • ClickAndPledge

Each has their own pricing structure and features, benefits and drawbacks.  You should carefully investigate each available option to determine what is best for you.  Important things to consider include:

  • Availability in your country and currency
  • Cost (setup costs, monthly cost, transaction fees and commission percentage)
  • Security - whether you want to, and are able to set up your own SSL certificate or whether you would prefer a payment processor that captures credit card information on its own website. Does the payment provider provide protection against fraud and liability?
  • Ability to control branding - does the payment processor take users off your CiviCRM site and does this matter to you?
  • Ability to accept recurring payments. Only one or two payment processors are able to do this at the time of writing.
  • Ease of use for your customers - does the site visitor need an account with the transaction provider in order to process payment?
  • Reputation and reliability.  Ask other CiviCRM users about their experiences with payment providers.

Secure Sockets Layer (SSL/HTTPS)

If you wish to collect credit card information through a CiviCRM form (as opposed to on a payment processors own website) you must configure your site for secure sockets layer, or SSL encryption. Alternatively you choose to use a processor such as Paypal Standard, Elavon or PaymentExpress where the customer is redirected to the payment processor's website to enter their credit card details and back to your site afterwards.

Visitors to your website see that their data is encrypted when the see a symbol (often a padlock) somewhere in the browser or by noting that the http: part of your url has been replaced by https:. 

To enable SSL you will need an SSL certificate. An SSL certificate should be purchased through a reputable third party provider, and may range in price from USD$30 - USD$100 a year depending on the company and the level of service and protection they provide.

If you are using shared hosting or a virtual private server (VPS), it is likely that your hosting provider has preferred vendors they work with to provide SSL security. Contact your hosting provider for more information and to assist with the installation of the SSL certificate.

SSL certificates are domain-form specific. If purchased and installed to your root domain (https://domain.org), it may not be valid for the www form of your domain (https://www.domain.org). Additionally, subdomains do not automatically inherit the certificate authentication (https://sub.domain.org).  Discuss the options available with your hosting provider and ensure the certificate and its installation will meet your needs. Wherever possible, purchase a certificate that will cover both the root domain and www form of your domain.

Once the certificate is installed and you have tested its functionality by browsing to a page on your site using https (rather than http), you should enable SSL redirection in CiviCRM. To do this, navigate to: Administer CiviCRM » Global Settings » Resource URLs » Force Secure URLs (SSL) » Yes.

This will force any pages that include contribution related information (i.e. credit card fields) to redirect to the secure form of the url (https).

After enabling the Force Secure URLs setting and saving the page, CiviCRM will automatically check to ensure the SSL certificate is activated and working properly.  You should also navigate to a contribution page on your website to confirm the https redirection works correctly. 

PCI DSS Compliance

The prevalence and impact of online fraud has led to increased security measures to counteract the schemes of fraudsters. The Payment Card Industry Data Security Standard sets out security standards that all major credit cards require sites to comply with. In cases where your CiviCRM page accepts card numbers rather than having your payment processor pages accept them, your site and its hosting environment may need to comply with those standards. Some payment processors, notably Moneris, put some of the compliance burden on you by making you complete a long and technical Self-Assessment Questionnaire.

For more information, visit: https://www.pcisecuritystandards.org/