Merchant Services
Treasury Services manages Western’s relationship with our merchant bank and is responsible for issuing all WWU merchant accounts. All departments authorized to accept credit cards as a payment method for their customers must be compliant with Payment Card Industry Data Security Standards (PCI DSS). All departments must be authorized by Treasury Services. To start the process, please submit the E-Commerce Authorization form and the Bankcard Authorization form.
Credit Card Processing
At Western, there are several types of credit card processing methods used:
| Credit Card Processing Method | Environment | Equipment Required | Departmental Cost |
|---|---|---|---|
| CASHNet eMarket | eCommerce | eCommerce where the customers directly input the credit card data. | Interchange fees |
| Credit Card Terminal | Face-to-face or Mail order / telephone, where customers directly input their phone order (MOTO) | Stand-alone credit card processing terminal, dedicated analog phone line | Interchange fees, analog phone line |
| Third-Party eMarket | eCommerce | Must be pre-approved by the Director of Administrative Computing | Varies |
The following methods of Credit Card Processing are being phased out. Because of potential PCI issues, they are no longer approved by the University. Please visit our eCommerce site or contact Becky Kellow to discuss alternatives.
| Credit Card Processing Method | Environment | Equipment Required | Departmental Cost |
|---|---|---|---|
| Credit Card Deposit Form | Department submits to Cashier’s Office | Personal computer to obtain Credit Card Deposit Form | Varies |
| Third-Party eMarket | eCommerce | Varies | Varies |
**NOTE: Mobile point-of-sale tools (Square, etc.) are currently NOT APPROVED devices for accepting payments.
What is PCI Compliance?
PCI Compliance ensures cardholder information is used, stored, and transmitted safely. The PCI Security Standards Council is an open global forum that develops security standards used throughout the industry.
Why is PCI Compliance important?
Individual card brands, including American Express, Discover Financial Services, MasterCard, and Visa, establish compliance requirements. The PCI Standards Council is responsible for the development, management, education, and awareness of the PCI Security Standards. PCI compliance is a very serious and important issue for the University.
Penalties for PCI non-compliance
The Payment Card Industry has established fines of up to $500,000 per incident for security breaches when merchants are not PCI compliant.
In addition, it is required that all individuals whose information is believed to have been compromised must be notified in writing to be on alert for fraudulent charges. As such, the potential cost of a security breach can far exceed $500,000 when the cost of customer notification and recovery is calculated.
Potential cost of a security breach
- Fines of $500,000 per incident for being PCI non-compliant
- Increased audit requirements
- Potential for campus-wide shutdown of credit card activity by our merchant bank
- Cost of printing and postage for customer notification mailing
- Cost of staff time (payroll) during security recovery
- Cost of lost business during register or store closures and processing time
- Decreased sales due to marred public image and loss of customer confidence
Please contact Becky Kellow (becky.kellow@wwu.edu; 360-650-3720), Treasury Services Manager, for further information.