GW recognizes that departments may need to accept payment cards for services rendered, conferences, workshops, etc. There are four approved methods for accepting payment cards at GW as outlined below. The use of PayPal, Venmo, or other unauthorized apps is prohibited by Division of Information Technology. Failure to abide by GW guidelines can affect your ability to accept payment cards.
- Point of Sale device choices
- Point-to-Point encryption (P2PE) - device terminal connected via USB to a computer
- Stand Alone Device Terminal - device terminal attached to a dedicated phone line
- Stand Alone Wireless Device Terminal - device terminal connected to 3/4G wireless
Processing transactions over the Internet using a payment gateway (software that connects your website to the banking system). GW encourages the use of TouchNet Marketplace services as it helps the campus uniformly manage eCommerce operations across campus and utilizes simplified control of information for reporting. Each School and Division has been set up with a Marketplace account. Event registration, workshops, and simple payment portals are recommended products.
GW Marketplace is the eCommerce online payment portal for card acceptance for the GW community. Powered by Touchnet, the GW Marketplace makes it easy for departments and campus organizations to manage and operate online storefronts, registration sites and secure payment portals with minimal training and seamless financial integration. The GW Marketplace eCommerce Request form should be filled out for any request to process credit card payments online.
PCI DSS Compliance
Accepting credit cards brings with it considerable responsibility for protecting the cardholder information, including Payment Card Industry Data Security Standards (PCI DSS). The PCI DSS is a set of requirements designed to ensure that ALL companies that process, store, or transmit credit card information maintain a secure environment. Compliance with these standards will increase consumer confidence, reduce fraud and identity theft, and ensure that the university can continue to accept credit card payments.
All university entities that accept credit cards are required to participate in a PCI compliance program that is administered by Treasury Management in partnership with the Division of Information Technology. For more information, please review the PCI Data Security Standards Overview or the PCI Compliance Guide.
In the event that any cardholder data is compromised or potentially compromised, please contact the Information Technology Support Center at 202-994-GWIT (4948) and Treasury Management at 571-553-4216. This includes any suspected breach, lost or stolen files with credit card numbers, electronic loss of data, databases infected with viruses, and any other loss or potential loss of cardholder data.
For more information
Detailed information regarding compliance requirements, fees, and solutions is available to explain the process. For more information, please contact Ellen Thompson at 571-553-4216 or [email protected].
45155 Research Place
Ashburn VA 20147