![]() The specific guidelines for each Merchant may apply differently based on the manner(s) in which cards are accepted. ACH transactions can only be accepted online through the centrally-supported online solution to ensure they are processed in compliance with the NACHA operating rules. Noncompliance can result in financial penalties, brand damage, and the loss of the ability to accept payment cards.Īcceptance of ACH involves sensitive data and must be secured. ![]() Therefore, if one department is not compliant, MSU is not compliant. MSU reports compliance as a single entity. This policy applies to all transactions conducted in person, by mail, telephone, fax, or online e-commerce. In the event of a breach, MSU is subject to the State of Michigan laws regarding notification.Īny activities at MSU (on the East Lansing campus or other MSU properties), and all MSU-sponsored or MSU-endorsed activities which involve acceptance of payment card transactions must be compliant with the PCI DSS. Accordingly, MSU is contractually obligated to comply with the PCI DSS, all the card brand security policies, and NACHA. MSU has contracted with various service providers to enable the acceptance of payment (credit/debit) cards and automated transfers between banks (ACH or e-check) to support the efficient flow of payment into MSU for goods and services. State of Michigan Identity Theft Prevention Act 452 of 2004.NACHA, The Electronic Payments Association.American Express Data Security Operating Policy (DSOP).Discover Information Security & Compliance (DISC).MasterCard Site Data Protection Program (SDP).Visa Cardholder Information Security Plan (CISP).Payment Card Industry Data Security Standard (PCI DSS) version 3.2, revision 1.1.Governing Law or Regulation (as updated from time to time): Business Management and Implementation: PCI Compliance Manager and Departmental Merchants.Technical Management:Chief Information Officer.Strategic Direction Advice: PCI Advisory Group.Policy and Procedure: Vice President for Finance and Treasurer.Scope: Applies to all MSU employees, faculty, staff, students, organizations, third-party merchants, individuals, processes, applications, systems, and networks involved with the processing, transmitting, or storing of payment card data, or any other process that could impact the security thereof. To ensure compliance with applicable standards
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |