Finance Division

Cash and Treasury Services

CREDIT/DEBIT CARD ACCEPTANCE
Effective:  06/01/2007
Revised:  06/01/2011

Responsible Office: Cash and Treasury Services

Policy
Clemson University accepts credit/debit cards for payment on a department by department basis in accordance with state guidelines and the payment card industry standards (PCI compliance). Departments must receive prior approval from Cash and Treasury Services to receive payments by credit/debit cards. Failure to follow university policies or a lapse in identity security may result in the suspension or revocation of the right to accept credit/debit cards payments.

Any department that routinely accepts credit/debit cards for payment must follow guidance provided by Cash and Treasury Services. Individual departments are responsible for all costs associated with the acceptance of credit/debit cards including equipment costs and bank processing fees. Departments are also responsible for any credit/debit card transactions that are disputed and charged back to the University.

Guidance

Security
Departments who accept credit/debit cards for payment are responsible for ensuring all card information is received and maintained in a secure manner in accordance with the payment card industry standards and identity theft laws. Individual departments will be held accountable if monetary sanctions and/or card acceptance restrictions are imposed as a result of a breach in PCI compliance.

Under no circumstances should credit/debit card information be obtained or transmitted via email. Credit/debit card information should not be stored on individual PCs or servers that have not been deemed PCI compliant. All hard-copy card information should be stored in manner that would protect the individual cardholder information from misuse.

Receipting Funds
Credit/debit card transactions are subject to the University’s Cash Receipting policy including the timeliness of deposits requirement. All transactions should be submitted to Cash and Treasury Services for processing within one business day if funds are receipted daily or 3 business days if funds are received less frequently. In addition, the signed merchant copy of the credit/debit card receipt and/or system generated report must be sent to Cash and Treasury Services with the corresponding receipt transmittal. Adequate documentation of the transactions must be maintained for reconciliation purposes.

Establishing a Merchant Account
A request for approval to receive credit/debit cards must be sent to Cash and Treasury Services who will then coordinate the set-up and issuance of all card merchant ID numbers with the contracted card processor. The SC State Treasurer’s Office has established a state contract for credit/debit card merchant processing for all state agencies. Any use of a third-party vendor who will accept/process card transactions on behalf of Clemson University must be coordinated with Cash and Treasury Services. Any third party vendor used by the University must provide evidence of PCI compliance at least once a year.

Payment Card Industry (PCI) Data Security Standard
The payment card industry (Visa, MasterCard, Discover, and American Express) has collaborated to create a single set of industry requirements, called the Payment Card Industry (PCI) Data Security Standard, for consumer data protection. The PCI Data Security Standard aligns all payment card companies’ security standards to create streamlined requirements, compliance criteria and validation processes.

If a member, merchant or service provider does not comply with the security requirements or fails to rectify a security issue, the payment card industry may fine the responsible member and/or impose restrictions on the merchant or its agent.