Campus Guard News – Mobile Device Security.CampusGuard News – Mobile Payment Technologies: Balancing Security with Convenience.Securing Account Data with the PCI Point-to-Point Encryption Standard. Accepting Mobile Payments with a Smartphone or Tablet Securing Account Data with the PCI Point-to-Point Encryption Standard.Payment Card Services: FAQs, Procedures, & Forms Page | 5 o The dongle is compliant, but consider the smart device that you are plugged into and when the dongle fails and you revert to the app on your smart device, all bets are off and you are in an unsecure environment. Consult Payment Card Services for assistance as once the mobile solution issues are the collection of personal data at an event by a Third-Party then becomes an issue. A mobile solutions with a SMART device is currently not available through UVA. Mobile options using a P2PE (point to point encrypted swipe terminal) and a SMART device, may currently be available through a third-party provider.For more information, please contact Payment Card Services. Non-employees should not be allowed to use wireless terminals because they have not gone through the background checks that are required for employees, nor are they bonded or insured. You must maintain a chain of custody document for each terminal.There are additional security considerations that must be satisfied to protect cardholder equipment/data. Wireless/cellular terminals obtained through our Processor, Elavon, can be used for remote, day of check-in events.For information regarding the development of a departmental website, if the Resources do not exist at the department level, please see " What other options do I have for a website, registrations or payment card processing?" for options.This function is managed through the website’s connection to the University Gateway (E-Pay UVA) or your third-party provider. The department can also opt to collect registration information on their site, process this information, and provide reports to the department or choose E-Pay to collect the registration information (see What is a Merchant Account) In order to comply with PCI standards, the application must NOT capture, store or transmit the actual credit card number. Typically, the website will supply information about the event or products. Website development and design is a departmental responsibility.The security issue with using swipe terminals is protecting the customer’s account number from exposure and misuse. A swipe terminal is the most secure method of transmitting cardholder data and the cost of the machine is minimal. Swipe terminals may also be used to manually enter mail order or telephone order transactions, where your customer is registering for an event or function, and the department does not have a website that accepts registrations or payments. Swipe terminals are typically used for face-to-face transactions and utilize a hard-wired phone connection.Payment Card Processing – Swipe and Web specifics.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |