[ Cash Management ]
Credit Card Processing
The Treasurer’s office is responsible for issuing credit card merchant accounts and for overseeing policies and procedures regarding payment processing. All credit card processing arrangements require the approval of the Treasurer's Office. The University has contracts with First Data for Visa/ MasterCard/Discover, and American Express for credit card acceptance. The University contracts with CyberSource for secure web payments. These are the only University approved vendors. Any relationship with other vendors must be approved by the Vice President for Finance. Contact the department of Cash Management for assistance with other vendors.
Determining the need for a Merchant Account
Almost all schools and centers accept payments for a variety of transactions including registration and application fees, memberships, dues, sales, donations, meeting and conference fees, etc. In order to accept credit cards as a form of payment, schools and or centers must obtain merchant accounts through the Treasurer’s Office.
Before applying for a merchant account you should consider the following:
- Purpose of the account
- Anticipated dollar volume
- Average transaction amount
- How often will transaction occur (year-round, during the school year or limited occasions).
For limited or one-time conferences, meetings or events please contact Conference Services who can provide credit card acceptance services without the need to open an individual merchant account.
Payment Card Industry (“PCI”) Compliance
The Payment Card Industry (including VISA, Master Card, American Express and other major credit card issuers) have developed stringent standards to protect card data. These standards can be found at https://www.pcisecuritystandards.org/ along with annual self assessment questionnaires. To review the University’s policy on PCI compliance, see: http://www.finance.upenn.edu/vpfinance/fpm/2000/2000_pdf/2006.pdf. Every University member that is involved in processing credit card transactions must be familiar with the PCI standards, as well as the University’s policy on PCI compliance. The Senior Business Officer is responsible and must complete and sign the PCI Self Assessment and Confidentiality/Non-Disclosure forms found at http://www.finance.upenn.edu/treasurer/forms/#CashMan . Senior Business Officers are also responsible to ensure that completed and signed Confidentiality/Non-Disclosure forms are kept on file locally in their School/Center.
Obtaining a Merchant Account
It takes approximately 4 weeks for merchant account numbers to be assigned. To obtain a merchant account, complete all work sheets including the Merchant Account Request Form (MAR), the Merchant Account Confidentiality Statement and the PCI Security Standards Questionnaire which are all available at http://www.finance.upenn.edu/treasurer/forms/, on the web. The PCI Security Standards Questionnaires are broken down into three groups; Blank, POS/Terminal and Cybersource, please choose the appropriate questionnaire based on the type of account you are opening. All forms MUST be typed and the forms must be signed by the requestor/Account Manager and the school/center’s Senior Business Administrator. Once complete, send the signed hard copy and an email copy to:
Credit Card Processing
3451 Walnut Street
737 Franklin Building
Philadelphia, PA 19104-6205
Upon approval, the Treasurer’s Office will obtain merchant account numbers for the requested credit card types. These numbers are then sent to FirstData to assign and affiliate them to the Visa/MC merchant number. Once complete, login credentials and instructions are sent to the Account Manager to setup the new account with CyberSource, our gateway processor. http://www.cybersource.com/support_center/
There are transaction and service fees associated with processing credit cards as well as set-up and monthly fees for on-line merchant accounts. Credit card fees can be obtained by contacting the department of Cash Management.