Skip to content
UW Policy Directory

APS 38.9 – Payment Card Acceptance

Table of Contents

    d

(Approved by authority of the President) 

Purpose

This policy establishes that University merchants accepting branded payment cards (i.e., VISA/MasterCard) must meet all UW Finance, Planning & Budgeting–Office of Merchant Services (Merchant Services) requirements and Payment Card Industry Security Standards Council standards. All University merchants are required to adopt and implement approved tools, practices, and policies to comply.

Scope

This policy applies to all University merchants and affiliated entities accepting branded payment cards.

Definitions

Merchant: Any office, unit, department, or organization at the University that accepts credit cards as a form of payment for goods and/or services. This includes temporary, seasonal, or one-time events.

Payment Cards: Credit, debit, and prepaid cards branded with one of the five partners of the PCI Security Standards Council. The five partners are Visa, MasterCard, Discover, American Express, and JCB International.

PCI Security Standards: The information security standards (published by the PCI Security Standards Council) that all merchants taking credit cards as payment are required to adopt and implement. Failure to comply may result in serious fines, penalties, and/or restrictions on merchant account activity.

Policy Statements 

1. Payment Card Acceptance

  • Any office, unit, department, or organization wishing to accept payment cards must open a merchant account through Merchant Services.
  • All University merchants are required to comply with and support PCI data security standards.
  • All University merchants are required to comply with Merchant Services policies and procedures including using preferred providers and tools.
  • Any University contract, including clickthrough contracts, involving payment card data acceptance must go through a Merchant Services review process.
  • Merchant Services must approve any exemption to the above requirements.

2. Enforcement

Failure to comply with this policy will result in restrictions on card acceptance or closure of merchant account-related services and disciplinary action. Failure to comply may result in financial penalties, increased cost of operations, and/or security breaches.

Responsible Office and Additional Information

For additional information contact Merchant Services.

History

April 30, 2009; May 13, 2009; October 15, 2018; March 3, 2020; [Formerly numbered APS 35.1] March 3, 2026.