Requests to Accept Credit and Debit Card Payments
Departments requesting access to Commerce Manager or iModules in order to accept credit or debit card payments must obtain approval from Accounting and Business Services by preparing a request that addresses the following issues and questions
1. Please describe the nature of the payment activity and how the use of Commerce Manager or iModules will support this activity.
2. Is the volume of transactions sufficient to justify the processing costs and fees associated with credit or debit card acceptance?
3. Is it contemplated that a card other than Visa, MasterCard, or Discover would be accepted? If yes, please explain.
4. Does the department have a secure means of storing cardholder information provided by a buyer at the point of sale or payment location? Please describe.
5. Does the department have a website? If yes, please provide the address.
6. Does the department’s processing environment comply with Payment Card Industry Data Security Standards (PCI DSS) requirements? See PCI Compliance.
7. Are procedures in place to protect personal or sensitive information from unauthorized disclosure or use, including compliance with state privacy standards and similar regulatory requirements?
Any contract for acquiring credit or debit card processing services must be reviewed by the Office of General Counsel, prior to being executed by Accounting and Business Services, for appropriate terms and conditions, including representations that service providers are PCI compliant and will assume financial liability for loss of any cardholder data while in the possession of the service provider.
Department staff approved to process credit and debit card transactions must undergo PCI DSS training before receiving access to Commerce Manger or iModules. See Additional Contacts.