E-Market Policy Accepting Online Payment for Conducting University Business



Similar documents
CAL POLY POMONA FOUNDATION. Policy for Accepting Payment (Credit) Card and Ecommerce Payments

Saint Louis University Merchant Card Processing Policy & Procedures

INFORMATION SECURITY POLICY. Policy for Credit Card Acceptance to Conduct College Business

COLUMBUS STATE COMMUNITY COLLEGE POLICY AND PROCEDURES MANUAL

POLICY SECTION 509: Electronic Financial Transaction Procedures

Payment Card Industry Compliance

How To Complete A Pci Ds Self Assessment Questionnaire

UW Platteville Credit Card Handling Policy

TREASURER S OFFICE ADMINISTRATIVE STANDARDS FOR THE TREASURER S FISCAL PROCEDURE No MERCHANT DEBIT AND CREDIT CARD RECEIPTS

Information Technology

CREDIT CARD MERCHANT POLICY. All campuses served by Louisiana State University (LSU) Office of Accounting Services

Appendix 1 Payment Card Industry Data Security Standards Program

Credit Card Processing and Security Policy

UTAH STATE UNIVERSITY POLICIES AND PROCEDURES MANUAL

The University of Georgia Credit/Debit Card Processing Procedures

CREDIT CARD MERCHANT PROCEDURES. Revised 01/21/2014 Prepared by: NIU Merchant Services

GRINNELL COLLEGE CREDIT CARD PROCESSING AND SECURITY POLICY

FAQ s for Payment Card Processing at the University

Policies and Procedures. Merchant Card Services Office of Treasury Operations

Merchant Card Processing Best Practices

POLICY & PROCEDURE DOCUMENT NUMBER: DIVISION: Finance & Administration. TITLE: Policy & Procedures for Credit Card Merchants

This policy applies to all GPC units that process, transmit, or handle cardholder information in a physical or electronic format.

GLOSSARY OF MOST COMMONLY USED TERMS IN THE MERCHANT SERVICES INDUSTRY

Payment Card Industry (PCI) Policy Manual. Network and Computer Services

SECTION 509: Payment Card and Electronic Funds Transfer (EFT) Procedures

Credit Card Handling Security Standards

The following information was prepared to assist you in understanding potential Electronic Value Transfer terminology.

ACCEPTING CREDIT CARDS AND ELECTRONIC CHECKS TO CONDUCT UNIVERSITY BUSINESS

SAN DIEGO STATE UNIVERSITY RESEARCH FOUNDATION CREDIT CARD PROCESSING & SECURITY POLICY MERCHANT SERVICES POLICIES & PROCEDURES

UNL PAYMENT CARD POLICY AND PROCEDURES. Table of Contents

COLLEGE POLICY ON CREDIT/DEBIT CARD PAYMENT PROCESSING

CREDIT CARD PROCESSING POLICY AND PROCEDURES

University Policy Accepting Credit Cards to Conduct University Business

Questions and Answers PCI Compliance (Updated May 23, 2014)

Version 15.3 (October 2009)

Accepting Payment Cards and ecommerce Payments

Dartmouth College Merchant Credit Card Policy for Managers and Supervisors

Payment Cardholder Data Handling Procedures (required to accept any credit card payments)

PCI General Policy. Effective Date: August Approval: December 17, Maintenance of Policy: Office of Student Accounts REFERENCE DOCUMENTS:

SCHEDULE A MODIFIED SCOPE OF SERVICES MERCHANT CARD PROCESSING SERVICES STATE OF NORTH CAROLINA AND SUNTRUST MERCHANT SERVICES

How To Control Credit Card And Debit Card Payments In Wisconsin

STOP Important Information Please Read

EAA Policy for Accepting and Handling Credit and Debit Card Payments ( Policy )

Section 3.9 PCI DSS Information Security Policy Issued: June 2016 Replaces: January 2015

WASHINGTON STATE UNIVERSITY MERCHANT ACCOUNT AGREEMENT FOR UNIVERSITY DEPARTMENTS

Emory University & Emory Healthcare

Viterbo University Credit Card Processing & Data Security Procedures and Policy

Credit and Debit Card Handling Policy Updated October 1, 2014

Getting Started. Quick Reference Guide for Payment Processing

ELECTRONIC VALUE TRANSFER CONTRACT (EVT) CREDIT CARD CHARGEBACKS. What is a Chargeback?

Payment Card Acceptance Administrative Policy

Standards for Business Processes, Paper and Electronic Processing

Redwood Merchant Services. Merchant Processing Terminology

2.0 PAYMENT CARD INDUSTRY DATA SECURITY STANDARDS (PCI-DSS)

CREDIT CARD PROCESSING GLOSSARY OF TERMS

Cash & Banking Procedures

University of Maine System ADMINISTRATIVE PRACTICE LETTER

EDUCATION - TERMS 101

New York University University Policies

The University of Michigan Treasurer s Office Card Services. Merchant Services Policy Document

TERMINAL CONTROL MEASURES

Credit Card Processing Overview

Chargeback Reason Code List - U.S.

How To Understand The Law Of Credit Card Usage

Office of Finance and Treasury

Failure to follow the following procedures may subject the state to significant losses, including:

CRM4M Accounting Set Up and Miscellaneous Accounting Guide Rev. 10/17/2008 rb

Indiana University Payment Card Merchant Agreement

PCI DSS FAQ. The twelve requirements of the PCI DSS are defined as follows:

Merchant Services Tool Kit TEXPO 2013

The Science of Credit Card Processing

Your Compliance Classification Level and What it Means

An access number, dialed by a modem, that lets a computer communicate with an Internet Service Provider (ISP) or some other service provider.

Vanderbilt University

CardControl. Credit Card Processing 101. Overview. Contents

. Merchant Accounts are special bank accounts issued by a merchant. . Merchant Level: This classification is based on transaction volume.

Transcription:

Accepting Online Payment for Conducting University Business Responsible Office: Bursar s Office Contact: bursar@hartford.edu Effective Date: July 1, 2011 Last Revised: June 20, 2011 Last Reviewed: June 20, 2011 Overview The University of Hartford recognizes that departments may need to accept payment for services rendered. This policy promotes the proper stewardship for the collection of online payments by providing general guidelines for the appropriate way to handle such funds. This policy is intended to minimize the risk of accepting payments and to provide the greatest value, security, and service to each University unit within the rules, regulations and guidelines established by the Payment Card Industry (PCI) and the National Automated Clearing House Association (NACHA). This policy applies to any individual (faculty, staff or student) who accepts online credit card and ACH (Automated Clearing House) payments.

Table of Contents Page I. Definition 3 II. Purpose of Policy 4 III. Who is Affected by this Policy? 4 IV. Who Should Comply with this Policy? 5 V. Contacts 5 VI. Website Location of Policy 5 VII. Overview of Policy 5 A. Acceptable Credit Cards 5 B. Prohibited Credit Cards 6 C. Credit Card Fees 6 D. Refunds of Credit Card Transactions 6 E. Charge Back for Credit Card Transactions 6 F. ACH Non-Sufficient Funds 6 G. Refunds of ACH Transactions 7 H. Maintaining Security 7 VIII. Procedures 7 A. Obtaining Approval to Process Credit Cards 8 B. Final Approval 8 C. E-Market Checklist Form 8 Attachments Attachment A: Request for E-Market Checkout Form Attachment B: Storefront Checklist Form

I. Definitions (as they are used in the following policy) ACH Automated Clearing House (ACH) is an electronic network for financial transactions in the United States. Bursar Office Office reporting to the Asst. VP of Finance/Controller that approves third party service providers and coordinates the policies, practices, and procedures for accepting payment cards and ACH payments at the University of Hartford. Cardholder Customer to whom a card is issued or individual authorized to use the card. Cardholder Data Any personally identifiable data associated with the cardholder. This could be an account number, expiration date, Card Validation Code (CVC), Card Verification Value (CVV), or Card Identification Number (CID). CASHNet Software application used by University of Hartford for recording transactions related to cash, checks, ACH or payment cards. CASHNet E-Market CASHNet E-Market includes Storefront, Checkout, and Transaction Gateway solutions that can be used independently or together, allowing various campus-wide departments to seamlessly accept and authorize payments. Types of payments are determined by the individual department (already defined by the Bursar Office) and can include one time payments for events on campus and conference registration fees. At checkout, the user will click pay here and the transaction will be transmitted through CASHNet. Charge backs The deduction of a disputed sale previously credited to a university unit s account when the unit fails to prove that the customer authorized the credit card transaction. Credit Cards Credit cards or debit cards issued by a financial institution. Contact the E-Market Administrator for acceptable payment cards. E-Market See description for CASHNet E-Market.

National Automated Clearing House Association (NACHA) National Automated Clearing House Association (NACHA), a financial industry association that represents more than 11,000 financial institutions, encourages the efficient utilization of the ACH Network, and develops new ways to use the Network to benefit its diverse set of participants. Non-Sufficient Funds The deduction of a sale previously credited to a university unit s account when the transaction is denied by the financial institution. Payment Card Industry Payment Card Industry (PCI) is a council formed by the credit card industry (VISA, MasterCard, Discover, and American Express) to establish Data Security Standards (DSS) for the industry. https://www.pcisecuritystandards.org Point-of-sale Terminal A point-of-sale (POS) terminal is an electronic terminal and printer (connected to a phone line) where the university unit swipes a credit card to obtain authorization for the transaction. A receipt is printed which the customer signs. University Unit A department, service center, student organization, or other university entity that accepts payments to conduct business. II. E-Market Policy The purpose of this policy is to establish procedures for accepting online payments, including credit cards and ACH, at the University of Hartford that will minimize risk and provide the greatest value, security, and service to each university unit within the rules, regulations and guidelines established by the Payment Card Industry (PCI) and the National Automated Clearing House Association (NACHA). III. Who if Affected by this Policy All university units that are involved in the acceptance of online credit card and ACH payments on behalf of the University of Hartford are affected by this policy. This includes employees, contractors, consultants, temporary employees and other workers in the university units. This policy also applies to external applications linked to a University of Hartford website which accept payment cards and ACH payments and external vendors who collect, process, or store payment card or banking data on behalf of the University of Hartford.

IV. Who Should Comply with this Policy? Any university unit that conducts business on behalf of the University of Hartford through payment card and ACH transactions and any university unit responsible for developing and/or maintaining the infrastructure surrounding accepting credit cards and ACH payments (i.e. website, software programs, etc.) V. Contacts CASHNet Administrator 860-768-4999 Bursar Office 860-768-4205 Information Technology Svs 860-768-5999 Financial Accounting 860-768-4651 Financial Affairs 860-768-5088 VI. Website Location of Policy http://uhaweb.hartford.edu/bursar Accepting Online Payment Policy VII. Overview of Policy Credit cards and ACH payments may be accepted by university units for various purposes, including the sale of goods or services, and donation of gifts. The Bursar Office may immediately remove any university unit s ability to accept credit cards and process ACH payments if that unit s actions violate any part of this Policy or puts the University of Hartford at risk. Please contact the Bursar Office if you have any questions regarding permitted transaction types. A. Acceptable Credit Cards The University of Hartford currently accepts VISA, MasterCard, Discover, and American Express cards for non-tuition related transactions. The University of Hartford has negotiated contracts for processing credit card transactions. Individual university units must not attempt to negotiate individual contracts with these or other payment card companies or processors without first consulting with the Bursar.

B. Prohibited Credit Card Activities The University of Hartford prohibits certain credit card activities that include, but are not limited to: Accepting credit cards for tuition and fees unless special approval is granted by the Bursar s Office Accepting credit cards for cash advances Discounting a good or service based on the method of payment Using a paper imprinting system unless special approval is granted by the Bursar s Office C. Credit Card Fees Each credit card transaction will have an associated fee charged by the credit card company. Each university unit processing a credit card transaction will need to provide a general ledger account to be charged for all credit card fees for their event. D. Refunds for Credit Card Transactions When a good or service is purchased using a credit card, and a refund is necessary, the refund must be credited back to the account that was originally charged. The University of Hartford prohibits refunds in excess of the original sale amount. The University of Hartford also prohibits cash refunds. E. Charge backs for Credit Card Transactions Occasionally a customer will dispute a credit card transaction, ultimately leading to a chargeback. In the case of a chargeback notification, the university unit initiating the transaction is responsible for providing supporting documentation of the sale to the Bursar s Office. If not resolved, the transaction will be charged back against the university unit s general ledger account. The university unit is responsible to contact the cardholder for the replacement of funds. F. ACH Non-Sufficient Funds Occasionally a financial institution will decline an ACH payment transaction due to nonsufficient funds or a payee placing a stop payment through their financial institution, ultimately leading to a payment reversal. In the case of a payment reversal, the transaction will be charged back against the university unit s general ledger account. The university unit is responsible to contact the payee for the replacement of funds. The university unit may be charged bank fees charged to the University of Hartford for the payment reversal.

G. Refunds for ACH Transactions When a good or service is purchased using the online ACH payment method, and a refund is necessary, the refund must be credited back to the checking account that was originally charged. The University of Hartford prohibits refunds in excess of the original sale amount. The University of Hartford also prohibits cash refunds. H. Maintaining Security Every university unit accepting credit cards and ACH payments on behalf of the University of Hartford is subject to the Payment Card Industry Data Security Standards (PCI DSS) and NACHA governing rules. The University of Hartford does not allow credit card and checking account data transmission via fax, e-mail, unsealed envelopes through campus mail, or wireless networks, as these are not secure. The University of Hartford requires that all external service providers be PCI compliant. Access to cardholder data and checking account information is restricted to those with a business need to know. For electronic media, cardholder data should not be stored in its entirety on servers, local hard drives, or external (removable) media including floppy discs, CDs, and thumb drives (also called flash drives) unless encrypted, stored properly, and otherwise in full compliance with PCI. For paper media (e.g. paper receipts and forms), cardholder data should not be stored, unless approved for appropriate business purposes and access is limited to individuals with a business need to know. Cardholder data should be blacked out on paper media prior to imaging, and disposed of properly (e.g. shredded) when no longer needed for business purposes. VIII. Procedures The University of Hartford requires the proper procedures be followed in order to grant the creation and use of an E-Market. All required University of Hartford signatures are needed for approval prior to the start of an E-Market. Please be sure to allow at least six (6) weeks for implementation of an E-Market.

A. Obtaining Approval for an E-Market The University of Hartford requires all university units interested in using an E-Market to obtain the proper approvals. A Request for E-Market Checkout form, see Attachment A, needs to be completely filled out prior to initiating a request. Please note that this form is for information purposes only to be used in determining the necessity of creating your E- Market request (See Attachment A). The E-Market Administrator does not have final approval to create or publish an E-Market Checkout. The form requires the following information be identified: Department information, including contact information Questions answered regarding the need for an E-Market and the type of transactions you will be processing Approval Signatures Person requesting the E-Market Checkout Dean/Department Head E-Market Administrator B. Final Approval The following approvals are needed prior to the final implementation of an E-Market Checkout: Dean/Department Head Bursar Office Financial Accounting ITS Asst. Vice President of Finance/Controller E-Market Administrator C. E-Market Checklist Form The E-Market Checklist form is used by the E-Market Administrator to track progress throughout the creation of a new E-Market. The E-Market Administrator is required to update this form as each task is completed. A copy of the form should be filed with all documentation regarding the creation and implementation of an E-Market Checkout.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information