University of Pennsylvania
divider line
Division of Finance Home
Cash and Debt Home
Cash Management Home
- Automated Clearing House
- Bank Accounts
- Credit Card Processing
- International Bank Drafts
- Wire Transfer
divider line
Document/Forms
Contact Information
Feedback


U@Penn


Treasurer Office
University of Pennsylvania
Suite 737 Franklin Building
3451 Walnut Street
Philadelphia, PA 19104
215.898.9844 (Phone)
215.573.6392 (Fax)

Penn Home Penn A-Z Directories Calendar Maps
 
Office of the Treasurer

[ Cash Management ]

Verisign - Web Payment Processor

The University of Pennsylvania has chosen Verisign as their designated web payment processor. Verisign provides Penn with a secure solution for the processing of credit card payments. Verisign authenticates billing addresses, stores credit card payment information, and provides reporting tools to access the payment information. Credit card numbers for web payments may not be stored on any Penn server. All of the credit card types & numbers will be stored on the Verisign server. All departments using web credit card processing should review the Penn security guidelines Security Standards for Web- based Applications With Sensitive Data at http://www.upenn.edu/computing/security/standards/wwwsec.html.

For information on how to use Verisign web payment processor please reference the following sections:

Getting Started

This section describes the "how-to" steps for getting started with web credit card payments.
  1. Choose a Verisign Development Option

    This section contains information regarding the two web products offered by Verisign. It is meant to be a general overview, but also contains some technical and programming information. Review this together with your web development/support staff. Security requirements are significantly reduced by utilizing the PayFlor link option, therefore, using this option is strongly recommended. Additional product descriptions (Data Sheets) and e-commerce guides (Guides) can also be found at http://www.verisign.com/products/payflow/docs/.

    Verisign offers two types of programming options for enabling web Credit Card payments:

    Payflow Link

    This option utilizes generic web forms that have been developed by Verisign. All of the web forms/pages that are needed for the authorization and payment process are Verisign-hosted. They are immediately available and no new forms need to be designed and developed. You just cut and paste the supplied HTML code into your web site and it is payment-enabled.

    Some items on the Verisign web forms can be personalized. You can define:

    • Title area at the top of all payment forms contains the specified name; a logo is allowed.
    • Page contents can be centered or left justified
    • Color and image configuration is available
    • Order Confirmation Page can contain your defined header and footer
    • EMAIL options for notification back to the merchant and customer are available
    • list the domain names (e.g. www.upenn.edu) from which orders can be accepted; if the Payflow Link transaction did not originate from this domain it will be rejected

    Additional information about basic features can be found at http://www.verisign.com/products/payflow/link

    Example Payflow Link processing screens (web forms) can be seen in the Payflow Link Getting Started Guide. See the User Guides and Manuals section (below) to learn how to access the User Guide.

    Payflow-Pro

    This solution controls the communications between your web site and the Payflow Pro server. The software is a TCP/IP option that passes data such as addresses, amounts, approvals, etc. back and forth between the host web site and the Verisign server. Generic payment processing web forms from Verisign are not available with this option; you must design and develop your own.

    Additional information about basic features can be found at http://www.verisign.com/products/payflow/pro.


  2. Request a Web Merchant Account

    To process credit card transactions a web Credit Card Merchant Account must be obtained from the Office of the Treasurer. To obtain the Merchant Account Request Form, access http://www.finance.upenn.edu/treasurer/forms/ on the web. It takes about 2 - 3 weeks to finalize the set up of the Merchant Account after the request form is submitted.

    A fee schedule for credit card rates and Verisign charges can be obtained from the Treasurer's Office. There is a monthly flat fee associated with each web Merchant Account. The monthly fees begin when the Go-Live status is activated. There is no charge for downloading or obtaining Verisign software.


  3. Verisign Registration

    The Treasurer's Office will complete the Verisign registration upon receipt via e-mail of the web Merchant Account Request Form. A Username/Password will be forwarded to the requestor. The Username/Password is required before web application testing can begin.


  4. Configure/Download Verisign Software

    For the Payflow Link option, logon to Verisign Manager using the Username/Password obtained in Step 2. Complete the Verisign preference form. This will designate options such as colors, title/heading, Email notifications, etc. There is no software to be downloaded; refer to the Verisign Getting Started Guide. Add the Verisign links to your web page and you are ready to test.

    Payflow Pro software can be downloaded from Verisign Manager using the assigned Username/Password obtained in Step 2. To obtain a current list of available platform & software options, contact Elaine Rymsza (898-4687) at ISC.


  5. Install/Test Verisign Software


  6. Ready to Go Live?

    The Treasurer's Office will notify the requestor when the web Merchant Account has been set up. The Verisign web payments can go live any time thereafter.

    The Treasurer's office activates the Go-Live option at Verisign as specified by the requestor. A few days prior to your actual GO-LIVE date, EMAIL the GO-LIVE date and time request to kmcmulle@pobox.upenn.edu. The requestor's Verisign account information will be changed from a test status to a go-live status. The actual GO-LIVE process takes only a few minutes and is immediately effective. You will receive your production Merchant Account number when the GO-LIVE status is activated.


User Guides and Manuals

Verisign has developer and user guides available. They can be viewed on the web or printed using Adobe Acrobat.

If you currently have an active User ID name and password:

Logon to Payflow Manager at https://manager.verisign.com
Enter Partner Name, Login and Password
Click on Downloads (at top of page)
Select User Guide of choice (view using Adobe Acrobat)

If you have not yet registered for your User ID and password, Product User Guides are available from a Penn server. These copies are only updated twice a year:
Payflow Link User Guide
Payflow Pro User Guide
Verisign Manager User Guide

A description of the three User Guides that are recommended for Penn use is provided below.

Verisign Manager

This is a Verisign web application which allows you to manage your transactions, print reports, download software, modify your account information, enter your Payflow Link options, etc. Everyone who will be working with the web payment process (both programmers and BAs) should read this User Guide.

Payflow Link

This is called the Getting Started Guide. It is targeted to assist the programmer with the software implementation. Large portions of it are also useful for non-programming staff. This is a guide that everyone can understand. It contains such things as

  • glossary of payment processing terms
  • frequently asked questions
  • fields stored in the Verisign database
  • response codes returned, etc.

Payflow Pro

This is a Developer's Guide and is written for the programming or web support staff. Programmers must access and refer to this guide for software implementation and testing.


Reporting & Transaction Processing

All reporting and transaction processing, such as voids and refunds, will be done over the web using Verisign Manager. To access the Verisign Manager application:

Logon to Payflow Manager at https://manager.verisign.com
Enter Partner Name, Login and Password
Click: Login

The functions within Verisign Manager are:

  • Account Info
  • Security
  • Search Utilities
  • Transaction Terminal
  • Reports
  • Downloads
  • Help

The Verisign documentation provides the best information on how to process payments and use the available report options. Refer to the section on User Guides and Manuals to learn how to locate the Verisign Manager documentation.


Usage Guidelines

This section provides guidelines for the use of Verisign web payment products (Payflow Link & Payflow Pro) at the University of Pennsylvania. Policies included are:

  • Address Verification
  • Secure Web Site Required

Address Verification

Address Verification is required in all web applications using Verisign software for Credit Card payment processing.

  • Address Verification enables the University to guarantee that each transaction is eligible for the same Fee Rate. A reduced rate for 'Card Not Present' with Address Verification is offered by Visa & Master Card. Ultimately Address Verification reduces University expense.

  • Address Verification was an identified requirement for the selection of web Credit Card software. Vendors were excluded from selection based solely upon the fact that Address Verification was not part of their payment processing. The issue of fraud and how to safeguard the University was an important question. Even though Address Verification will not detect all possible fraud, it is an important function. The University must utilize the opportunity to avoid fraud whenever possible.

  • Address Verification is automatically included in the Payflow Link HTML software. Consistency is achieved by requiring the use of Address Verification when using Payflow Pro software.

Secure Website Required

The major credit card companies such as Visa, Master Card, American Express and Discover require credit card transactions over the internet to be processed from a secure web site. Discover, for example, will access and verify the web site URL before issuing an internet merchant account. To avoid the possibility of liability and chargebacks, all web credit card transactions processed at Penn need to comply with this guideline.


Frequently Asked Questions

This section contains questions about web credit card payments from various University departments. The question/answer section will be updated as needed.

  1. Can I accept credit card payments from a web page at http://www.upenn.edu?
    If your web page is under the www.upenn.edu domain, then you are not at a secure site. Web credit card payments should only be accepted from a secure web site.

  2. Will ISC provide a server with Verisign software on it for access by all University departments?
    Verisign software is only needed if departments choose the Payflow Pro option. When processing with Payflow Pro, execution should occur from a secure site directly to Verisign. For security reasons, it is not recommended that Penn departments process to or through a common server.

    Verisign offers multiple software options for many platforms. The software choice should be based on application requirements such as security, performance, anticipated transaction volume and hardware capabilities. Offering a common server solution could possibly prevent a best choice scenario. The common server option would be used because it is convenient, not because it is the right choice. Additionally, a common server solution provides no real cost savings to the web developer. It would, however, add an additional layer of complexity for set up and testing.

  3. Will a shared server option (similar to www.upenn.edu) be made available to the Penn community for e-business applications?
    ISC Networking will be reviewing this issue to determine if it can be reasonably supported. If ISC Networking determines that support is possible, the project would need to be scheduled and the server prepared. We will update the University community when decisions are made in this area.

Finance Spotlights

Budget Planning Tools
FY10 Grant F&A Rates
Electronic Grants Submissions - Grant.Gov Acrobat PDF Document
Your Payroll and Tax info
2013 Annual Financial Report Acrobat PDF Document

Treasurer Offices

Cash Management
Debt & Liability Management
Investment Services
Office of the President Home Page Penn A-Z Directories Calendar Maps
 
 
Copyright © , University of Pennsylvania
3451 Walnut Street, Philadelphia, PA 19104 · 215.898.5000
Copyright Information | Contact Us | Privacy Policy


Penn Home
Visit Penn's website