- d
(Approved by the President per delegation of authority Administrative Order No. 9)
1. Purpose
This policy establishes that University of Washington merchants accepting branded payment cards (i.e., VISA/MasterCard) must meet all UW Finance – Office of Merchant Services (Merchant Services) requirements and Payment Card Industry Data Security Standard (PCI DSS). All University merchants are required to adopt and implement approved tools, practices, and policies to comply. Failure to comply may result in financial penalties, increased cost of operations, and/or security breaches.
2. Scope
This policy applies to all University merchants accepting payment cards.
3. Definitions
Merchant: Any office, unit, department, or organization at the University that accepts credit cards as a form of payment for goods and/or services. This includes temporary, seasonal, or one-time events.
Payment Cards: Credit, debit, and prepaid cards branded with one of the five partners of the PCI Security Standards Council. The five partners are Visa, MasterCard, Discover, American Express, and JCB International.
PCI Security Standards: The information security standards (published by the PCI Security Standards Council) that all merchants taking credit cards as payment are required to adopt and implement. Failure to comply may result in serious fines, penalties, and/or restrictions on merchant account activity.
4. Payment Card Acceptance
- Any office, unit, department, or organization wishing to accept payment cards must open a merchant account through Merchant Services.
- All University merchants are required to comply with and support PCI data security standards.
- All University merchants are required to comply with Merchant Services policies and procedures.
- All University merchants are required to use Merchant Services preferred providers and tools for card transactions.
- Merchant Services must approve any exemption to the above requirements.
5. Enforcement
Failure to comply with this policy may result in restrictions on card acceptance or closure of merchant account-related services and disciplinary action.
6. Responsible Office
For additional information contact Merchant Services.
7. History
April 30, 2009; May 13, 2009; October 15, 2018; March 3, 2020.