Merchant Services

The E-Commerce Group is made up of individuals from the Treasurer's Office, Auditing, UITS and representatives from each campus.

The Initial Goals of the Group:

Compile a complete inventory of all card processing merchants
Identify their method of processing credit cards (i.e. online, POS, third party)
Identify any storage of prohibited data
Identify any storage of Primary Account Numbers, PAN
Identify storage security of any paper storage of PAN
Complete a Self Assessment Questionnaire for each merchant
Identify and complete security scans where required by PCI
Confirming there is no storage of prohibited credit card data by signing a Prohibited Data Retention Attestation Form
Confirm that all third party and outside vendors processing credit cards are PCI Compliant
Develop a Principles document outlining Best Practices for processing credit cards at the University of Massachusetts

Ensure quarterly security scans are performed and submitted to our acquiring bank
Coordinate Self Assessment Questionnaires
Develop requirements and procedures for new merchant set up at the University
Develop standards for ensuring our merchants are processing credit cards in a secure and compliant manner
Approve all new credit card processing and payment applications
Develop and maintain a website with Credit Card procedures, guidelines and requirements
Remain current with any changes to PCI DSS, VISA CISP/PABP or MasterCard SDP Programs
Review and provide updates to the University of Massachusetts Standards for Acceptance of Debit and Credit Cards

Any questions concerning credit card processing should be directed to the appropriate campus E-Commerce Representative.

The PDF files on this page require the free Adobe Acrobat Reader.

The PowerPoint files on this page require the free PowerPoint viewer.

Printer Friendly | E-mail this page