Key Assumptions When Setting Up Quik!

Please Read!

It is important to be aware of what assumptions are included in the Quik! system design. The following assumptions are included in the design of this system:

Setup

  1. The customer will implement Quik! within their application (i.e. Quik! is not necessarily hosting an application nor building one on behalf of enterprise customers).
     
  2. The customer must have a valid Master Customer Account with Quik! and supply Master Credentials with each request (end-user credentials that are not the Master Credentials will not work).
     
  3. If the Quik! Forms Engine component is installed on your computer it may need read/write access to your computer or server's temporary file location or a location specified by you.

  4. The customer will implement one or more web services with a Quik! server in order to retrieve/send data used with the Quik! services and APIs.

  5. As of April 2020, supported browsers include: Internet Explorer 9.0+, Safari 5.1+, Firefox 12+, Opera 12+, Chrome 19+. Browsers must have Javascript enabled

  6. To use e-signature:
    1. E-signing requires SSL (HTTPS) and without it will result in "Access Denied" in Internet Explorer browsers.
    2. Customer will directly procure and use their own account with the signing vendor (i.e. DocuSign, Signix), set up a vendor-specific API Key and reference Efficient Technology Inc as the referral source.
    3. Customer assumes responsibility for the validity and acceptance of electronic signatures with the form owners, if electronic signature is used.
    4. Customer may need to deploy the QuikESignTransport in the same domain as the HTML forms in order to facilitate the e-signing process.
    5. Customer will be responsible for calling the e-sign vendor's APIs to retrieve the current signing status and to download final signed documents (i.e. Quik! is only designed to send documents to e-sign vendors to kick off the e-signing process)

Security

  1. Quik! servers do not store, save or persist any client data that may be transmitted to the server for the purposes of generating, printing, signing or transmitting forms. Data, if sent, is encrypted during transport and discarded the moment it has been processed.

  2. The customer's computer, server or program is responsible for deleting any temporary files that are generated by the use of the software (e.g. HTML files, error logs, etc.).

  3. The customer will create a secured SSL connection between their user's browser and their web application for delivering Quik! output and forms to their user.

  4. Internet Explorer may restrict certain features (e.g. print, save, etc.) due to security settings. To prevent this, be sure to:
    1. Host the Quik! Form from an HTTPS location. (HTTP non-secure is allowed, but not recommended)
    2. Add our domain (quikforms.com) as a Trusted Site in Internet Options → Security → Trusted Sites → Sites

       

Limitations

  1. Requests to combine multiple forms into a single form package are limited based on file size, page count and form count. Although you may get successful response from Quik! for large package requests, please refrain from requesting more than 20 forms in a single package or more than 100 pages at a time. Quik! limits form requests to 100 FormIDs, but that doesn't mean 100 will work due to the resulting file size.

  2. The HTML form viewer automatically expires and pages are no longer viewable after a maximum of 10 days from the date they are generated, or earlier at the customer's discretion.

  3. Forms will not fully function for iPad users using Private Browsing (e.g. the SAVE and LOAD buttons will not allow for local storage and saving as designed by Apple).

  4. Editable PDFs cannot be saved unless the user has a version of Adobe Acrobat that enables saving. Also, field collisions with combined forms may occur in editable PDFs due to standard PDF functionality and design.

Domains to Whitelist

When integrating with Quik!, you will need to ensure connections with our various domains are clear and unobstructed. We recommend the following IP Addresses, domains, and sub-domains to be whitelisted or made exempt from your security policies: