1 / 6

Payment Card Policy

What we all need to know. Payment Card Policy. BYU-Idaho Payment Card Policy (3-12). Approval Date: April 30, 2012 Approved by: President's Council. Purpose:

selma
Download Presentation

Payment Card Policy

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. What we all need to know Payment Card Policy

  2. BYU-Idaho Payment Card Policy (3-12) Approval Date: April 30, 2012Approved by: President's Council

  3. Purpose: The purpose of this policy is to help assure that the university is complying with the Payment Card Industry Data Security Standards (PCI DSS) and is striving to avoid a security breach from unauthorized and inappropriate use of cardholders' information. The entire campus is required to comply

  4. The committee has representatives from each PCI zone If credit cards are accepted in person, via the web, by mail or over the phone or in any other way– the transaction is subject to PCI-DSS The policy applies to any activity related to payment cards including storage of cardholder data PCI-DSS is managed by the PCI-DSS Compliance committee

  5. There are 279 controls that must be addressed for each PCI zone. • We are hoping to limit the campus to 3 zones • Food Services • The Book Store • Every where else using a third party solution What does compliance Require?

  6. The gate-keeper for approval to accept payment cards is the University Bursar The Bursar’s Office will ensure that all payment card systems conform with PCI standards If a breach of PCI data is suspected University Risk Management must be contacted at ext. 1972 Failure to abide by PCI-DSS can result in significant fines or loss of payment card processing privileges for the University Key components of the policy

More Related