Western Michigan University has seen an increasing number of requests for credit card merchant accounts for online payment applications. While it can be advantageous to accept credit card payments over the Web, it is also an area of great liability. To address this issue, the University implemented a campuswide e-commerce solution called Touchnet Marketplace in 2008. The Touchnet Marketplace solution offers the ability to set up a store, called Ustore, or simply a payment processing gateway, called U-pay. Many departments have taken advantage of the features and usability of Touchnet Marketplace.
With credit card fraud and identity theft on the rise, Visa and MasterCard have issued Payment Card Industry Data Security Standards that every merchant on the University campus must be in compliance with in order to continue to accept credit cards and avoid substantial fines and fees.
Payment Card Industry Data Security Standards requires that anyone handling any credit card information should be cognizant of, familiar with and agree to adhere to the Payment Card Industry Data Security Standards which can be found at pcisecuritystandards.org/security_standards/pci_dss.shtml.
If you are taking credit card payments but not using e-commerce, Payment Card Industry Data Security Standards still applies to you. Please review the Payment Card Industry Data Security Standards requirements referenced above and be aware that anyone in your department who comes in contact with credit card information will need to verify their acceptance and adherence to Payment Card Industry Data Security Standards on an annual basis. If you fall into this category and have not yet received the attestation forms, please contact Liana Fox in cashiering at firstname.lastname@example.org.
Touchnet Marketplace provides the University with a mechanism to meet these rigorous standards. The E-Commerce Policy requires all online merchants to use Touchnet Marketplace. By requiring all e-commerce activity on campus to use this one compliant solution, we are limiting our risk of credit card fraud and reducing our costs associated with maintaining compliance.
Many cashiering policies and procedures have been updated to reflect the new environment and should be reviewed in the Cashiering Policies and Procedures Manual.