Accepting credit card payments

The University of Massachusetts maintains a strong security posture to comply with data security standards (DSS) of established by the payment card industry (PCI), the PCI DSS.

The PCI DSS is a comprehensive standard intended to help organizations proactively protect customer account data. The PCI DSS was developed by the PCI Security Standards Council to encourage the broad adoption of consistent security measures worldwide.

The core principles of PCI DSS:

  • build and maintain a secure network
  • protect cardholder data
  • maintain a vulnerability management program
  • implement strong access control measures
  • monitor and test networks
  • maintain an information security policy

The University of Massachusetts has identified CyberSource as the third party vendor of choice for all e-commerce activity. Any deviation from the use of CyberSource must be approved by your campus Vice Chancellor for A&F as well as the E-commerce Committee.

More information

University of Massachusetts Merchant Services: E-Commerce Group

Fiscal procedure: e-commerce (PDF)