Lisa Bruce is your first point of contact for E-Commerce in Extension if you plan to or are currently accepting credit cards for services and activities. This includes questions related to accepting credit cards for online shopping carts for downloadable PDFs, publications sales, curriculum training packages and modules, and products created through departmental research activities; program income from training, workshop, and conference registration fees; and service center billings for sales and services.
Credit Card processing encompasses in person credit card acceptance as well as E-commerce processing. E-Commerce involves web based, card not present, credit card processing. Using vendor-supported software, WSU Information Systems Services has implemented a secure service that allows customers to pay for WSU goods & services using their credit card via the Web. Credit card transactions are settled into WSU’s bank account and posted via the University Cashiering (Point of Sale) system to AIS Balances in a confidential manner.
CARD ACCEPTANCE BEST PRACTICES
The card must be swiped through a card processing terminal. Follow the prompts given by the terminal. Do not keep any card information after the transaction has completed.
Over The Phone
The card information can be keyed into a card processing terminal. Follow the prompts given by the terminal. Shred any card information written down while performing the transaction once the transaction is complete.
Never accept card information via an e-mail message. If a customer sends his or her card information via e-mail, delete that e-mail and send a response that WSU does not accept card information via e-mail. In the response, give the customer a list of alternative methods of sending their card information (FAX, mail, phone, web). If you reply to the original e-mail, make sure you remove any card information before sending the message.
Most PC-based Fax software does not provide a secure repository for storing incoming Faxes; therefore, the best method to accept card information is by a standalone FAX machine in a controlled location. Treat a Fax the same way as you would treat cash. Key the card information into a card processing terminal. Follow the prompts given by the terminal. Once the transaction is complete, the part of the Fax containing card information must be rendered unreadable. If the entire Fax must be kept, marking out the card information with a china marker is preferable.
The card information can be keyed into the card processing terminal. Follow the prompts given by the terminal. Once the transaction is complete, the part of the mailed form containing card information must be rendered unreadable or shredded. Shredding is preferable, but marking out the card information with a china marker is acceptable.
When designing a form that will have an area to enter card information, put that section at the bottom of the form. After the payment has been processed, the bottom of the form can be cut or torn and shredded. Remove the card information before scanning or imaging the form, or any other long-term storage. To dispose of card information, always shred the paper.
It is preferable to only accept card information when it can be processed immediately. If a delay is required and card information must be stored, do not store it in electronic format and treat the paper containing card information as if it were cash.