• Facilitates ability for departments to accept credit card payments
  • Assists with campus-wide compliance with PCI DSS (Payment Card Industry Data Security Standards)
  • Provides PCI awareness training to encourage required protection of the cardholder data environment

OP 62.06 Payment Card Processing by University Departments

Overview

toggle

Accepting credit cards increases business, helps you collect payments for your services, facilitates easy registration for your event, or whatever your situation may be. Accepting credit cards also increases your responsibility for protecting cardholder information, adds business expenditure and expands your daily office procedures.

Point of sale (POS) devices (terminals) use stand-alone payment card machines for processing payments through a dial-up phone line. The card is swiped through the terminal or the card information is keyed in. If the terminal uses the internet instead of a phone line, the connection must be secured by an institutionally approved solution.

TouchNet Marketplace is Texas Tech's online solution for accepting credit cards.

CCMS provides the loan of credit card equipment for one-time events. If you wish to accept credit cards for your event, we require a minimum of 3 days' notice for application and training. Contact us as early as possible to reserve the equipment and confirm its availability.

How to Request a New Merchant Account

toggle

To begin the setup process for accepting credit cards in person, over the phone or online, please follow the procedure outlined in OP 62.06, Payment Card Processing by University Departments.

Procedures and forms for establishing and maintaining a credit card merchant account are found in the OP.

Merchant Responsibilities

toggle

Compliance with the Payment Card Industry Data Security Standard (PCI DSS) is required by all merchants to ensure the security of cardholder data processed via their merchant account.

PCI DSS includes requirements for security management, policies, procedures, network architecture, software design and other protective measures.

Complying with PCI DSS standards will protect you, Texas Tech University, and our customers from hackers and other thieves. Non-compliance puts us all at risk.

Reconciliation of your merchant account to bank deposits is vital. POS credit card settlements must be deposited within two business days with University Deposits (see OP 62.07, Departmental Deposits and Completion of the Departmental Information Sheet (DDIS)).

Paper receipts and reports must be properly secured.

Equipment must be secured and placed out of reach of potential thieves.

Trainings, compliance self-assessments and agreements are updated and adhered to on an annual basis.

Training

toggle

PCI Awareness Training is required for all new merchants prior to processing transactions and annually for all existing merchants.

Any employee who processes payment cards or has access to sensitive payment card information received by their department, the supervisors of such staff, departmental business managers and others who oversee payment card operations in a department are required to take the online training.