2.1.3 CARDHOLDER DATA SECURITY
|
|
- Christopher Marshall
- 6 years ago
- Views:
Transcription
1 University of Oxford Finance Division FINANCIAL POLICY CARDHOLDER DATA SECURITY Date: 27 June 2017 Version: 1.0 Status: Draft Author: Bridget Midwinter
2 TABLE OF CONTENTS Page Purpose... 3 Objectives... 3 Scope... 4 Roles and Responsibilities... 4 Compliance... 5 Review and Development... 5 Appendix I June 2017 Version 1.0 Page 2 of 6
3 Purpose This policy outlines the University s approach to managing the security of payment cardholder data and sensitive authentication data and provides the guiding principles and responsibilities to ensure the University complies with the Payment Card Industry Data Security Standard (PCI DSS). Refer to Appendix 1 for further information regarding PCI DSS. This policy should be read in conjunction with, the University s Information Security Policy and the Cardholder Data Security Rules as published on the University Finance Division website. Definition Wherever this policy refers to cardholder data this applies to both cardholder data and/or sensitive authentication data. Cardholder data is defined as including the Primary account number (PAN), cardholder name, expiry date, and security code. The PAN is the defining factor for cardholder data. If cardholder name, security code, and/or expiry date are stored, processed or transmitted with the PAN they must be treated as cardholder data. Sensitive authentication data is defined as: - Full track data (magnetic-stripe data or equivalent on a chip) - CAV2/CVC2/CVV2/CID - PINs/PIN blocks Objectives The University s objectives for securing cardholder data are that: All units 1 processing, transmitting or handling cardholder data on behalf of the University will be demonstrably compliant with the PCI DSS. Cardholder data will not be stored in electronic format on any system or system components that are managed and maintained by the University. Cardholder data will only be processed or transmitted in accordance with specific University handling rules and guidelines. Only technologies and services approved by the Finance Division will be used to store, process or transmit cardholder data on behalf of the University. All external parties that provide services that may affect the security of cardholder data will be approved by Finance Division and contractually bound to comply with the requirements of the PCI DSS. All individuals with access to cardholder data are aware and kept informed of their responsibilities in this respect. 1 Units in the context of this policy includes all academic divisions, departments, faculties, and other units, all service units, and all majority and wholly owned subsidiaries. 26 June 2017 Version 1.0 Page 3 of 6
4 Incidents that potentially affect the security of cardholder data are effectively managed and resolved, and learnt from, to improve our control environment and compliance. Scope This policy is applicable across the University and applies to: All units that process, transmit or handle any cardholder data on behalf of the University; Any units that may otherwise affect the security of cardholder data being processed on behalf of the University; External parties that provide services that may affect the security of cardholder data being processed on behalf of the University; and All majority and wholly owned University subsidiary companies that process, transmit or handle any cardholder data unless separate policies have been formally approved and adopted by the Boards of those companies and endorsed by Council s General Purposes Committee. Roles and Responsibilities The following bodies and individuals have specific responsibilities for cardholder data security: The Director of Finance is responsible for the security of cardholder data processed on behalf of the University and for the University s compliance with the PCI DSS; establishing and maintaining the University s strategy and framework for the security of cardholder data and sensitive authentication data, and compliance with the PCI DSS; establishing, maintaining and monitoring compliance against applicable PCI DSS requirements and cardholder data handling rules across the University; establishing, reviewing, maintaining and appropriately communicating all policies, processes and procedures relating to the security of cardholder data and compliance with the PCI DSS; and providing suitable guidance and support to departments regarding the handling of cardholder data. The Chief Information Security Officer is responsible for providing technical advice in relation to PCI DSS requirements; and 26 June 2017 Version 1.0 Page 4 of 6
5 maintaining the University s Information Security Policy as appropriate to reflect current PCI-DSS requirements. Heads of Departments and Faculty Board Chairs and their equivalents, and heads of University Services, are responsible for the effective implementation of this policy and for the security and compliance of cardholder data within their unit. Units may lose their Merchant ID and the ability to process payment cards if found to be non-compliant, and will be responsible for any costs that the University incurs as a result of any non-compliance. All staff handling cardholder data are required to comply with the terms of this policy, and to undertake relevant awareness training. Staff handling cardholder data are responsible for making informed decisions to protect the security of the data, and are accountable for maintaining compliance with the PCI DSS. Staff in breach of the terms of this policy may be subject to disciplinary action. Compliance The University will conduct information security compliance and assurance activities to ensure its security objectives and the requirements of the PCI DSS are met. Failure to comply with this policy and cardholder data handling rules will be treated extremely seriously by the University and may result withdrawal of the merchant ID and ability to process cards as well as in enforcement action on a department or individual. Review and Development This policy, and supporting documentation, will be reviewed and updated by the Finance Division on an annual basis to ensure that they: - Remain operationally fit for purpose; - Reflect changes in technologies; - Are aligned to industry best practice; and - Support continued regulatory, contractual and legal compliance. 26 June 2017 Version 1.0 Page 5 of 6
6 Appendix I PCI SECURITY STANDARDS COUNCIL (PCI SSC) The PCI Security Standards Council was founded by American Express, MasterCard Worldwide, and Visa Inc (amongst others). Participating organisations include merchants, payment card issuing banks, processors, developers and other vendors. It is a global open body formed to develop, enhance, disseminate, and assist with the understanding of security standards for payment account security. The Council maintains, evolves, and promotes the PCI security standards. See PCI Security Standards Council web site for more detail PCI DATA SECURITY STANDARD (PCI DSS) PCI Security Standards are technical and operational requirements set by the PCI SSC to protect cardholder data. The standards apply to all organisations that store, process or transmit cardholder data. The Council is responsible for managing the security standards, while compliance with the PCI DSS is enforced by the founding members of the Council. All Merchants who accept or process payment cards must comply with the PCI DSS. Substantial penalties can be imposed for non-compliance with the PCI DSS regulations, with further penalties for any actual data compromise. As a final resort, the Merchant can be refused permission to process card data. OVERVIEW OF PCI DSS REQUIREMENTS The 12 requirements of PCI DSS in summary are: Requirements 1-2 Build and maintain a secure network Requirements 3-4 Protect cardholder data Requirements 5-6 Maintain a vulnerability management programme Requirements 7-9 Implement robust control measures / Control access to card data Requirements Regularly monitor and test your computer networks Requirement 12 Make information security a priority 26 June 2017 Version 1.0 Page 6 of 6
COLORADO STATE UNIVERSITY Financial Procedure Statements FPI 6-6
1. Procedure Title: PCI Compliance Program COLORADO STATE UNIVERSITY Financial Procedure Statements FPI 6-6 2. Procedure Purpose and Effect: All Colorado State University departments that accept credit/debit
More informationAdministration and Department Credit Card Policy
Administration and Department Credit Card Policy Updated February 29, 2016 CONTENTS Purpose PCI DSS Scope/Applicability Authority Securing Credit Card Data Policy Glossary Page 2 of 5 PURPOSE As a department
More informationPayment Card Industry Data Security Standards (PCI DSS) Initial Training
Payment Card Industry Data Security Standards (PCI DSS) Initial Training PCI DSS Training Content What topics will this training cover? What is PCI DSS? Objectives of PCI DSS Common Terminology Background
More informationPCI Training. If your department processes credit card information, it is CRITICAL that you understand the importance of protecting this data.
PCI Training This training is to assist you in understanding the policies at Appalachian that govern credit card transactions and to meet the PCI DSS Standards for staff training to prevent identity theft.
More informationPayment Card Security Policy
Responsible University Administrator: Vice President for Finance and Administration Responsible Officer: Director of Student Financial Services Origination : 4/1/2016 Current Revision : N/A Next Review
More informationBusiness Practices Seminar April 3, 2014
Business Practices Seminar April 3, 2014 Departmental Operations Review of Payment Card Industry Standard Assessment Process Overview Review of University Policy No. 3610 57.7 467 200+ Scott Weimer Director
More informationPayment Card Industry Compliance Policy
PURPOSE and BACKGROUND The purpose of this policy is to ensure that Massachusetts Maritime Academy (MMA) maintains compliance with the Payment Card Industry Data Security Standard (PCI DSS). PCI DSS is
More informationBall State University
PCI Data Security Awareness Training Agenda What is PCI-DSS PCI-DDS Standards Training Definitions Compliance 6 Goals 12 Security Requirements Card Identification Basic Rules to Follow Myths 1 What is
More informationClark University's PCI Compliance Policy
ï» Clark University's PCI Compliance Policy Who Should Read this Policy: All persons who have access to credit card information, including: Every employee that accesses handles or maintains credit card
More informationPAYMENT CARD INDUSTRY
DATA SECURITY POLICY Page 1 of 1 I. PURPOSE To provide guidelines and procedures to ensure that all money paid to the College in the form of cash, checks or payment cards is properly receipted, accounted
More informationWEBINAR. Five Steps to PCI Compliance. Madeline Long. Ron Demmans. Download these slides at Director of Sales Solveras
Five Steps to PCI Compliance Sponsored by Madeline Long Director of Sales Solveras Ron Demmans Director of Sales Administration Solveras WEBINAR 1. What is PCI Compliance? 2. How does PCI Compliance affect
More informationTerminal Servicers. Frequently Asked Questions. 28 March 2018
Terminal Servicers Frequently Asked Questions 28 March 2018 Notices Following are policies pertaining to proprietary rights and trademarks. Proprietary Rights The information contained in this document
More informationPCI 101: Transaction Volumes and Validation Requirements. By Chip Ross January 4, 2019
PCI 101: Transaction Volumes and Validation Requirements By Chip Ross January 4, 2019 Regarding PCI compliance, all entities that store, process or transmit cardholder data are subject to the requirements
More informationCREDIT CARD PROCESSING AND SECURITY
CREDIT CARD PROCESSING AND SECURITY POLICY NUMBER: RESERVED FOR FUTURE USE RESPONSIBLE OFFICIAL TITLE: SENIOR VICE PRESIDENT FOR ADMINISTRATION AND FINANCE RESPONSIBLE OFFICE: ADMINISTRATION AND FINANCE
More informationAdministration Policy
Administration Policy Complete Policy Title: Policy for Acceptance of Payment Cards and ecommerce Payments Approved by: Vice-President (Administration) Date of Original Approval: August 2005 Responsible
More informationPCI FAQ Q: What is PCI? ALL process, store transmit Q: To whom does PCI apply? Q: Where can I find the PCI Data Security Standards (PCI DSS)?
PCI FAQ Q: What is PCI? A: The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information
More informationQ: What is PCI? Q: To whom does PCI apply? Q: Where can I find the PCI Data Security Standards (PCI DSS)? Q: What are the PCI compliance deadlines?
Q: What is PCI? A: The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information maintain
More informationCredit Card Handling Security Standards
Credit Card Handling Security Standards Overview This document is intended to provide guidance regarding the processing of charges and credits on credit and/or debit cards. These standards are intended
More informationVPSS Certification Frequently Asked Questions
VPSS Certification Frequently Asked Questions What is the difference between Visa s Account Information Security (AIS) program and VPSS Certification? The AIS program ensures compliance to the Payment
More informationPayment Card Acceptance Administrative Policy
Administrative Procedure Approved By: Brandon Gilliland, AVP for Finance and Controller Effective Date: January 15, 2016 History: Approval Date: September 25, 2014 Revisions: December 15, 2015 Type: Administrative
More informationPAI Secure Program Guide
PAI Secure Program Guide A complete guide to understanding the Payment Card Industry Data Security Requirements (PCI DSS) and utilizing the PAI Secure Program Welcome to PAI Secure, a unique 4-step PCI-DSS
More informationPCI-DSS for Credit Unions
PCI-DSS for Credit Unions Tom Schauer; CEO @ TrustCC CISSP, CISA, CISM, CRiSC, CEH, CTGA tschauer@trustcc.com Misinformation Opinion: There is more confusion and more misinformation about PCI requirements
More informationPCI DSS and GDPR Made Easy
PCI DSS and GDPR Made Easy ENRICO ERMANNO DALL ARA PCI QSA 203-275, CISSP, GPEN Chief Security Officer @ 366 SECOM ITB, Berlin, March 9th 10:30 Can you afford 4% of yearly turnover in fine? REGULATIONS:
More informationRETAIL SPECIFIC NEWS Keeping you in the know
SUMMER 2013 EDITION NEWS RETAIL SPECIFIC NEWS Keeping you in the know Important ImportantInformation Information--Please Pleasekeep keepin inaasafe safeplace place This Edition of Retail Specific Dynamic
More informationCampus Administrative Policy
Campus Administrative Policy Policy Title: Credit Card Acceptance Policy Number: 2019 Functional Area: Finance Effective: February 1, 2011 Date Last Amended/Reviewed: February 1, 2011 Date Scheduled for
More informationWhat is PCI Compliance?
What is PCI Compliance? The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that ALL companies that accept, process, store or transmit credit card
More informationPCI security standards: A high-level overview
PCI security standards: A high-level overview Prepared by: Joel Dubin, Manager, RSM US LLP joel.dubin@rsmus.com, +1 312 634 3422 Many merchants often have difficulty understanding how they must comply
More informationCredit Card Acceptance and Processing Procedures
Credit Card Acceptance and Processing Procedures Introduction Michigan Tech accepts credit cards for many payments of goods and services. Credit card payments must be processed in compliance with Payment
More informationSubject: Protecting cardholder data in support of the Payment Card Industry (PCI) Data Security Standards
University Policy: Cardholder Data Security Policy Category: Financial Services Subject: Protecting cardholder data in support of the Payment Card Industry (PCI) Data Security Standards Office Responsible
More informationPCI Compliance and Payment Card Processing Policy
PCI Compliance and Payment Card Processing Policy Policy Number: Effective Date: Approval: Office: PURPOSE: The University of Indianapolis accepts payment cards on payment for goods and services under
More informationUNL PAYMENT CARD POLICIES AND PROCEDURES. Table of Contents
UNL PAYMENT CARD POLICIES AND PROCEDURES Table of Contents Payment Card Merchant Security Standards Policy and Procedures... 2 Introduction... 4 Payment Card Industry Data Security Standard... 4 Definitions...
More informationPayment Card Industry Training 2014
Payment Card Industry Training 2014 Phone Line Terminal & Hosted Order Page/Secure Acceptance Redirect Merchants Contact * Carole Fallon * 614-292-7792 * fallon.82@osu.edu Updated May 2014 AGENDA A. Payment
More informationApplication of Policy. All University faculty, staff, and third party service providers.
Policies of the University of North Texas Chapter 10 10.035 Accepting Credit Cards Fiscal Management Policy Statement. UNT supports the acceptance of credit cards as payment for goods and services to improve
More informationSubject: Protecting cardholder data in support of the Payment Card Industry (PCI) Data Security Standards
University Policy: Cardholder Data Security Policy Category: Financial Services Subject: Protecting cardholder data in support of the Payment Card Industry (PCI) Data Security Standards Office Responsible
More informationA to Z Jargon buster. Call +44 (0) to discuss your upgrade options
A to Z Jargon buster Call +44 (0) 844 209 4370 to discuss your upgrade options www.pxp-solutions.com sales@pxp-solutions.com twitter: @pxpsolutions Are you trying to navigate your way around what can seem
More informationMERCHANT MEMBER PACKAGE AGREEMENT & APPLICATION
MERCHANT MEMBER PACKAGE AGREEMENT & APPLICATION Vantage Card Services, Inc. 2230 Towne Lake Parkway Building 400, Suite 110 Woodstock, GA 30189 (800) 397-2380 (770) 928-5688 Fax (770) 928-9328 www.vantagecard.com
More informationPayment Card Industry Data Security Standards (PCI DSS) Awareness Training
Payment Card Industry Data Security Standards (PCI DSS) Awareness Training PCI DSS Training Content What topics will this training cover? What is PCI DSS? Objectives of PCI DSS Common Terminology Background
More informationminimise card fraud in your business.
minimise card fraud in your business. First National Bank Tanzania Limited - a subsidiary of FirstRand Limited. A Registered Commercial Bank in Tanzania (CBA00050). There is a real possibility that your
More informationTERMS FOR THE PARTICIPATION IN CARD SCHEMES
TERMS FOR THE PARTICIPATION IN CARD SCHEMES The following Terms for the Participation in Card Schemes govern the AGREEMENT FOR THE PARTICIPATION IN CARD SCHEMES between JCC Payment Systems Limited ( JCC
More informationTable of Contents. Overview. What is payment processing? Who s Who. Types of Payment Solutions. Online Transactions. Interchange Process
Overview Credit Card Processing 101 is your go-to handbook for navigating the payments industry. This document provides a quick and thorough understanding on how businesses accept electronic payments,
More informationTERMS AND CONDITIONS. Hereafter Slush Helsinki and Slush Tokyo are referred together as Slush.
TERMS AND CONDITIONS Slush Helsinki is organized by Slush Oy (Finnish business ID 2554151-6), a wholly Finnishowned company, whose main business is organizing startup and technology conferences and building
More informationThe University of Michigan Treasurer s Office Card Services. Merchant Services Policy Document
Merchant # (Treasurer s Office Use Only): The University of Michigan Treasurer s Office Card Services Merchant Services Policy Document Describe Business Purpose: Enter Merchant Name (25 characters max):
More informationPayPal Website Payments Pro and Virtual Terminal Agreement
>> View all legal agreements PayPal Website Payments Pro and Virtual Terminal Agreement Last Update: March 29, 2017 Print Download PDF This PayPal Website Payments Pro and Virtual Terminal agreement ("Pro/VT
More informationSALES & SERVICE POLICIES
Financial Policy Manual SALES & SERVICE POLICIES 2001 Sales & Service Activities 2002 Collection, Reporting & Payment of Pennsylvania Sales & Use Tax 2003 Financial Responsibilities for Sales & Service
More informationSecuring Credit Card Data at UB (complying with Payment Card Industry Data Security Standards)
Securing Credit Card Data at UB (complying with Payment Card Industry Data Security Standards) Carolann Lazarus Internal Audit PCI Compliance Initiative Co-lead lazarus@buffalo.edu (716) 829-6947 Tricia
More informationTERMS AND CONDITIONS. Hereafter Slush Helsinki, Slush Singapore and Slush Tokyo are referred together as Slush.
TERMS AND CONDITIONS Slush Helsinki is organized by Startup Sauna Oy (Finnish business ID 2554151-6), a wholly Finnish-owned company, whose main business is organizing startup and technology conferences
More informationBefore debiting the Cardholder, the Merchant shall conduct the checks specified below.
REGULATIONS FOR SALES PAID BY CARD REMOTE TRADING (Card Not Present) (October 2015) These regulations, the "Remote Trading Regulations", apply to sales paid by Card in Remote Trading. "Remote Trading"
More informationData Breach Financial Protection Program Terms and Conditions
Data Breach Financial Protection Program Terms and Conditions The Data Breach Financial Protection Program (the Program ) is a comprehensive expense reimbursement program, provided with some Netsurion
More informationTERMS AND CONDITIONS DEFINITIONS Agreement means these Terms and Conditions, [together with the Fee Schedule in accordance with 1.1].
TERMS AND CONDITIONS DEFINITIONS Agreement means these Terms and Conditions, [together with the Fee Schedule in accordance with 1.1]. Available Funds means at any given time any unspent funds loaded onto
More informationPayment Processing 101
Payment Processing 101 Timelines & Deliverables PRESENTED BY Pg: 1 March 7, 2018 www.clearwaterpayments.com Quick Agenda Credit/Debit Transactions Industry Definitions Transaction Process Cost/Pricing
More informationPRIVACY AND CYBER SECURITY
PRIVACY AND CYBER SECURITY Presented by: Joe Marra, Senior Account Executive/Producer Stoya Corcoran, Assistant Vice President Presented to: CIFFA Members September 20, 2017 1 Disclaimer The information
More informationHarvard Credit Card Merchant Agreement (HCCMA) I. Introduction
Harvard Credit Card Merchant Agreement (HCCMA) I. Introduction The Harvard credit card merchant agreement represents the terms and conditions for Harvard University departments obtaining a credit card
More informationTHE UNIVERSITY, CAMBRIDGE IN AMERICA AND THE COLLEGES DATA SHARING PROTOCOL
THE UNIVERSITY, CAMBRIDGE IN AMERICA AND THE COLLEGES DATA SHARING PROTOCOL THIS PROTOCOL is dated 2018 BETWEEN (1) The Chancellor, Masters, and Scholars of the University of Cambridge of The Old Schools,
More informationChapter 4 E-commerce Security and Payment Systems
Chapter 4 E-commerce Security and Payment Systems Copyright 2016 Pearson Education, Ltd. 4.5 E-COMMERCE PAYMENT SYSTEMS Copyright 2016 Pearson Education, Ltd. Slide 1-2 E-commerce Payment Systems In this
More informationVisa s Approach to Card Fraud and Identity Theft
Visa s Approach to Card Fraud and Identity Theft Paul Russinoff June 7, 2007 Discussion Topics Visa s Comprehensive Security Approach Multiple Layers Commitment to Cardholders Consumer Tips Protecting
More informationSage ERP I White Paper
I White Paper Credit Card Payment Processing: Making Sense of the Credit Card Industry How Integrated credit card processing with saves time, money and effort Table of Contents Introduction...3 Why Credit
More informationBUSINESS POLICY. TO: All Members of the University Community 2016:07. Credit Card Processing and Security Policy (Supersedes Policy 2009:05 & 2012:12)
BUSINESS POLICY TO: All Members of the University Community 2016:07 DATE: February 2016 Credit Card Processing and Security Policy (Supersedes Policy 2009:05 & 2012:12) Contents Section 1 Scope...2 Section
More informationClydesdale Bank and Yorkshire Bank Merchant Services
Important Information Clydesdale Bank and Yorkshire Bank Merchant Services Merchant Operating Instructions Table of Contents 1 Welcome 4 1.1 Making the most of this guide 4 1.2 What else you need to read
More informationAmerican Express Data Security Operating Policy Thailand
American Express Data Security Operating Policy Thailand As a leader in consumer protection, American Express has a long-standing commitment to protect Cardmember Information, ensuring that it is kept
More informationIndiana University Payment Card Merchant Agreement
Indiana University Payment Card Merchant Agreement This Merchant Agreement (the Agreement ), executed on the date stated below, which includes any schedule or addendum to this Agreement, all of which are
More informationPayment Card Industry (PCI) Data Security Standard Validation Requirements. For Approved Scanning Vendors (ASV)
Payment Card Industry (PCI) Data Security Standard Validation Requirements For Approved Scanning Vendors (ASV) Version 1.2 October 2008 Document Changes Date Version Description October 1, 2008 1.2 To
More informationGlobal Visa Card-Not-Present Merchant Guide to Greater Fraud Control. Protect Your Business and Your Customers with Visa s Layers of Security
Global Visa Card-Not-Present Merchant Guide to Greater Fraud Control Protect Your Business and Your Customers with Visa s Layers of Security Millions of Visa cardholders worldwide make one or more purchases
More informationCompute Managed Services Schedule to the Products and Services Agreement
Compute Managed Services Schedule to the Products and Services Agreement Contents Words defined in the General Terms and conditions... 2 Part A Compute Managed Services... 2 1 Service Summary... 2 2 Service
More informationUser Terms & Conditions Last updated: June 15, 2016
User Terms & Conditions Last updated: June 15, 2016 THIS PAYWITH USER TERMS AND CONDITIONS ( AGREEMENT OR TERMS ) IS A CONTRACT BETWEEN YOU ( YOU OR USER ) AND PAYWITH WORLDWIDE INC., A DELAWARE CORPORATION
More informationGeneral Conditions for issuance and use of Visa Credit Cards with chip of Komercijalna Banka AD Skopje for individuals 1
General Conditions for issuance and use of Visa Credit Cards with chip of Komercijalna Banka AD Skopje for individuals 1 Basic and General Rules for issuance and use of Visa Credit Cards with chip of Komercijalna
More informationAIB MERCHANT SERVICES STANDARD TERMS AND CONDITIONS
Terms & Conditions TABLE OF CONTENTS AIB MERCHANT SERVICES STANDARD TERMS AND CONDITIONS 1. Definitions and Interpretation... 4 2. Honouring of Cards... 4 3. Authorisation... 4 4. Acceptance of Transactions...
More informationCompute Managed Services Schedule to the General Terms
Compute Managed Services Schedule to the General Terms Contents A note on you... 2 Words defined in the General Terms... 2 Part A Compute Managed Services... 2 1 Service Summary... 2 2 Service Components...
More informationPAYMENT TERMINAL TERMS AND CONDITIONS 2018
PAYMENT TERMINAL TERMS AND CONDITIONS 2018 www.nets.eu/payments Contents DEFINITIONS...3 1. SUBJECT MATTER OF THE AGREEMENT, DELIVERY OF THE PAYMENT TERMINAL...4 2. USE OF THE PAYMENT TERMINAL...4 3. PAYMENT
More informationThis document applies to the following: Coles MasterCard (Rewards) Coles MasterCard (No Annual Fee) Coles MasterCard (Low Rate)
Contract Documents Includes: Contract Documents & Important Notices About Your Credit Card, Loyalty Terms and Conditions and (if applicable) Insurance and Concierge Terms and Conditions August 2016 This
More informationEvent Merchant Card Services
Event 317 - Merchant Card Services Statement of Work A. Overview: It is the intent of the Bexar County Tax Assessor-Collector to solicit proposals to establish a contract with a vendor to provide merchant
More informationCARD ISSUER DUTIES & RESPONSIBILITIES. Copyright 2013 CO-OP Financial Services
SECTION 3 Operating Rules and Regulations without the prior written permission of CO-OP Financial Services. All Rights Reserved Card Issuers shall have the following responsibilities in addition to those
More informationCASH HANDLING. These procedures apply to any individual handling or processing University or Auxiliary Organization cash or cash equivalents.
PURPOSE To provide procedures and guidance for accepting cash and cash equivalents, providing physical and electronic security of cash and cash equivalents and ensuring appropriate segregation of duties
More informationPayment Acceptance Services
Payment Acceptance Services Provided by Elavon 1 Merchant Acquiring Services About Us Santander Corporate & Commercial has an international footprint with a presence in 10 core countries and many more
More informationElectronic Payments: The Winds of Change, A Call to Action. Will 2011 Be An Eventful Year in the History of Payment Card Security?
Electronic Payments: The Winds of Change, A Call to Action Will 2011 Be An Eventful Year in the History of Payment Card Security? 1 Presenter W. Stephen Cannon, Chairman, Constantine Cannon LLP Former
More informationVisa Europe Compliance Report
Visa Europe Compliance Report General Direction 3 Form B General Direction 3 Please complete the form below, ensuring that you respond to each section of the paper. The main headings relate to the reporting
More informationBusiness Day means any day other than a Saturday, Sunday or national public holiday on which banks are open for business in Gibraltar and the UK.
Terms and Conditions DEFINITIONS Agreement means these Terms and Conditions. Available Funds means at any given time any unspent funds loaded onto Your Card which is available to pay for transactions and
More informationSmart Tuition Addendum
Smart Tuition Addendum Appointment of Agent. You hereby appoint Smart Tuition as its limited agent for the purpose of billing and accepting payments from its Families ( Family or Families ) on Your behalf.
More informationSTEPPING INTO THE A GUIDE TO CYBER AND DATA INSURANCE BREACH
STEPPING INTO THE A GUIDE TO CYBER AND DATA INSURANCE BREACH 2 THE CYBER AND DATA RISK TO YOUR BUSINESS This digital guide will help you find out more about the potential cyber and data risks to your business,
More informationGLOBCOIN Multicurrency Prepaid Mastercard. Terms and Conditions. Valid as of July 1 st, 2016
GLOBCOIN Multicurrency Prepaid Mastercard Terms and Conditions Valid as of July 1 st, 2016 IMPORTANT INFORMATION: These are the terms & conditions of the agreement between us, Prepaid Financial Services
More informationPayment Card Industry (PCI) Data Security Standard Validation Requirements
Payment Card Industry (PCI) Data Security Standard Validation Requirements For Qualified Security Assessors (QSA) Version 1.2 October 2008 Document Changes Date Version Description October 2008 1.2 To
More informationMERCHANT NEWS INTERACTIVE EDITION
SPRING 2017 MERCHANT NEWS INTERACTIVE EDITION - KEEPING YOU IN THE KNOW IN THIS ISSUE Welcome to Spring 2017 Realex Payments Product News Card Industry And Card Scheme News Payments Card Industry Data
More informationInformation security policy
Information security policy Policy objectives 1 This policy is intended to establish the necessary policies, procedures and an organisational structure that will protect NMC s information assets and critical
More informationOLD DOMINION UNIVERSITY PCI SECURITY AWARENESS TRAINING OFFICE OF FINANCE
OLD DOMINION UNIVERSITY PCI SECURITY AWARENESS TRAINING OFFICE OF FINANCE August 2017 WHO NEEDS PCI TRAINING? THE FOLLOWING TRAINING MODULE SHOULD BE COMPLETED BY ALL UNIVERSITY STAFF THAT: - PROCESS PAYMENTS
More informationCARD PROGRAM SERVICES. Terms and Conditions (Merchant Agreement)
CARD PROGRAM SERVICES Terms and Conditions (Merchant Agreement) 1 Introduction This Card Program Services Terms and Conditions (the Merchant Agreement ) is for the provision of the Services to the Merchant
More informationAgreement means these Terms and Conditions, together with the Fee Schedule in accordance with 1.1.
Terms and Conditions DEFINITIONS Agreement means these Terms and Conditions, together with the Fee Schedule in accordance with 1.1. Available Funds means at any given time any unspent funds loaded onto
More informationConditions of Use Latitude Infinity
Conditions of Use Latitude Infinity Combined Contract Documents and Credit Guide. Prepared on the 23 October 2018 Credit Guide Latitude Finance Australia ABN 42 008 583 588 ( Latitude ), Australian Credit
More informationGeneral Conditions EMS
General Conditions EMS Part 1 - General provisions 1. These conditions 1.1 These general conditions apply to the legal relationship between you and European Merchant Services B.V. (EMS) for the provision
More informationSAFEGUARDING CASH AND CASH EQUIVALENTS. Financial Compliance, Risk & Internal Controls
SAFEGUARDING CASH AND CASH EQUIVALENTS Financial Compliance, Risk & Internal Controls 1 Why is Financial Compliance and Internal Controls important? Strong Internal Controls reduce risk associated with
More informationFINANCIAL REGULATIONS
FINANCIAL REGULATIONS Last updated October 2016 Table of Contents 1. OVERVIEW... 3 2. REPORTING ARRANGEMENT... 4 3. ACCOUNTING... 5 4. FINANCIAL PLANNING AND BUDGETING... 6 5. AUTHORISATION OF TRANSACTIONS...
More informationATM/Debit. Terms and Conditions
ATM/Debit Terms and Conditions Terms and Conditions ATM Card and Visa Debit Card 1.0 Definitions of Terms used in this Document 2.0 Using your Card 3.0 Protecting your Card and PIN 4.0 Using your card
More informationUPCOMING SCHEME CHANGES
UPCOMING SCHEME CHANGES MERCHANTS/PARTNERS/ISO COPY Payvision Ref: Payvision-Upcoming Scheme Changes (v1.0)-august 2016 1 Rights of use: COMPLYING WITH ALL APPLICABLE COPYRIGHT LAWS IS THE RESPONSABILITY
More informationSage Payment Processing User's Guide. March 2018
Sage 300 2017 Payment Processing User's Guide March 2018 This is a publication of Sage Software, Inc. 2017 The Sage Group plc or its licensors. All rights reserved. Sage, Sage logos, and Sage product and
More informationMerchant Payment Card Processing Guidelines
Merchant Payment Card Processing Guidelines The following is intended to provide guidance that departments or units can use to help develop specific procedures for their department or unit. If you have
More informationTechnicallySpeaking. Technically interesting! Word of Welcome. An overview of the National Credit Act
2nd Edition - September 2007 Audit - Technical (External) TechnicallySpeaking Technically interesting! Word of Welcome An overview of the National Credit Act Payment Card Industry Data Security Standard
More informationCyber ERM Proposal Form
Cyber ERM Proposal Form This document allows Chubb to gather the needed information to assess the risks related to the information systems of the prospective insured. Please note that completing this proposal
More informationA report showing the merchant s settlement. The acquirer settlement report is generated by the acquiring bank at the end of every billing cycle.
A Acquirer (acquiring bank) An acquirer is an organisation that is licensed as a member of Visa/MasterCard as an affiliated bank and processes credit card transactions for (online) businesses. Acquirers
More informationcard fraud business Helpful information for Merchants Avoiding card fraud
card fraud business Helpful information for Merchants Avoiding card fraud How to stop card fraud before it happens. It is an unfortunate fact that not everyone with a card, or card number, is the card
More informationData Security Addendum for inclusion in the Contract between George Mason University (the University ) and the Selected Firm/Vendor
Data Security Addendum for inclusion in the Contract between George Mason University (the University ) and the Selected Firm/Vendor This Addendum is applicable only in those situations where the Selected
More informationINTERNATIONAL SOS. Data Protection Policy. Version 1.8
INTERNATIONAL SOS Data Protection Policy Document Owner: LCIS Division Document Manager: Group General Counsel Effective: December 2008 2017 All copyright in these materials are reserved to AEA International
More informationOSPER / IDT FINANCIAL SERVICES LIMITED. Agreement means these Terms and Conditions, [together with the Product Leaflet in accordance with 1.1].
DEFINITIONS OSPER / IDT FINANCIAL SERVICES LIMITED OSPER CARD TERMS AND CONDITIONS Version: 14.02.15 Agreement means these Terms and Conditions, [together with the Product Leaflet in accordance with 1.1].
More information