Credit Card & Merchant Services
GW recognizes that departments may need to accept payment cards for services rendered, conferences, workshops, etc. There are four approved methods for accepting payment cards at GW as outlined below. The use of PayPal, Venmo, or other unauthorized apps is prohibited by Division of Information Technology. Failure to abide by GW guidelines can affect your ability to accept payment cards.
Point of Sale device choices
- Point-to-Point encryption (P2PE) - device terminal connected via USB to a computer
- Stand Alone Device Terminal - device terminal attached to a dedicated phone line
- Stand Alone Wireless Device Terminal - device terminal connected to 4G wireless
Processing transactions over the Internet using a payment gateway (software that connects your website to the banking system). GW encourages the use of TouchNet Marketplace services as it helps the campus uniformly manage eCommerce operations across campus and utilizes simplified control of information for reporting. Each School and Division has been set up with a Marketplace account. Event registration, workshops, and simple payment portals are recommended products.
GW Marketplace is the eCommerce online payment portal for card acceptance for the GW community. Powered by Touchnet, the GW Marketplace makes it easy for departments and campus organizations to manage and operate online storefronts, registration sites and secure payment portals with minimal training and seamless financial integration. The GW Marketplace eCommerce Request form should be filled out for any request to process credit card payments online.
Chargeback Notice Journal Entries
If your merchant account receives a Chargeback Notice you will need to prepare a journal entry to reflect this transaction being debited from our bank account. A Chargeback is a processed payment card transaction that is reversed (charged back) to a merchant because the customer’s bank finds something wrong with the transaction. There are several reasons transactions can be reversed:
- Authorization error – a transaction was allowed even though the authorization was declined.
- Processing error – incorrect calculation on the sales draft, invalid account number, or expired card.
- Customer disputes – (most often) the customer denies taking park in the transaction, claims purchased merchandise or services were never received and an attempt was already made to resolve the dispute, or a promised credit was never processed.
You must be able to provide compelling evidence to prove the cardholder authorized the payment. Types of evidence include emails, eCommerce transaction details downloaded from merchant’s website or application, registration forms, etc.
PCI DSS Compliance
Accepting credit cards brings with it considerable responsibility for protecting the cardholder information, including Payment Card Industry Data Security Standards (PCI DSS). The PCI DSS is a set of requirements designed to ensure that ALL companies that process, store, or transmit credit card information maintain a secure environment. Compliance with these standards will increase consumer confidence, reduce fraud and identity theft, and ensure that the university can continue to accept credit card payments.
All university entities that accept credit cards are required to participate in a PCI compliance program that is administered by Treasury Management in partnership with the Division of Information Technology. For more information, please review the PCI Data Security Standards Overview or the PCI Compliance Guide.
In the event that any cardholder data is compromised or potentially compromised, please report a data incident on the GW Privacy website or by email to [email protected]. In addition, please contact Treasury Management at [email protected]. This includes any suspected breach, lost or stolen files with credit card numbers, electronic loss of data, databases infected with viruses, and any other loss or potential loss of cardholder data.