Will accepting Payment Cards benefit my department?

Let’s face it — We are a card-carrying society. We all, at some point, have enjoyed the convenience of using a credit card or debit card to purchase something at a store, or make an on-line purchase, or even get gas at the pump. Accepting Payment Cards will increase business, help you in collecting payment for your services, facilitate easy registration for your event, or sell your products. However, accepting Payment Cards increases your responsibility in protecting your consumer’s information, adds business expenditure, and increases your daily office procedures. Most departments would agree that the added responsibility and cost is worthwhile. Here are a few things to consider:

E-Commerce vs. Point of Sale (POS)

A Department can obtain a Merchant Account through the University to accept Payment Cards. Merchant Accounts use different types of payment modes to process credit and debit cards.

E-Commerce is a mode of Payment Card acceptance using the internet. The authorization, capture, and settlement of all Payment Card information is transmitted through the internet. The actual Payment Card is never in your hand. Everything is initiated on-line by the customer. You simply receive the deposit information to either post to your accounts or simply reconcile as payments are processed. Firewalls and other security measures protect the card holder data as it is transmitted and stored.

Point of Sale devices use stand alone Payment Card machines that the card can be swiped through or the card number can be keyed into, in order to process the payment through a dial up phone line. These terminals are still considered very relevant technology, as they maintain a tamper proof and secure communication mode. Some of these terminals, for purposes of speed, can use the internet instead of a phone line, but firewalls should be in place to secure that mode of communication so that card holder information remains secure.

Vendors outside of the University provide software, or web-based services that can accommodate both E-Commerce and Point of Sale transactions. Some departments may have special needs for inventory control, or customer profile information. Often, a Third Party Vendor can be found to meet those needs, including payment processing options. The University has policies and guidelines for departments to adhere to when seeking a Third Party Vendor.

What will my responsibilities be with this new merchant account?

A merchant account must be maintained within certain standards (PCI DSS) which serve to protect YOU as well as the card holder. The University has established a policy that, if complied with, will protect you, the University, and your consumers from hackers and other thieves from obtaining sensitive information. Also, reconciliation of your merchant account and your deposit account is vital to maintain proper accounting practices. Paper receipts and reports must be properly secured. There are also annual trainings, compliance self-assessments, and agreements that must be updated and adhered to. Some methods of accepting payment cards can be very costly.  It is best to be aware of these costs before purchasing a system that will have high annual costs to maintain compliance.

The department must designate a primary contact who will be responsible for fulfilling the annual Payment Card Industry Data Security Standard (PCI DSS) requirements, mentioned above. The department contact is also responsible for educating the employees in their department about the PCI DSS and other payment card acceptance best practices.

Income Accounting and Student Loan Services must report the University’s compliance to our merchant bank, who contractually gives the University the ability to accept payment cards. They, in-turn, report our compliance to the Card Brands (Visa/MasterCard, Discover, American Express, JCB) who may impose fines for non-compliance. The University has a PCI DSS compliance program, administered by Income Accounting and Student Loans, to help departments become and stay complaint.

Please continue to look through this website to learn more about the Payment Card Data Security Standard and the University of Utah’s Payment Card Acceptance/E-Commerce Policy.