This is the day to have the PCI payment card business survey
completed. If you have already completed your survey, thank you for
your assistance.
All MSU persons or entities that engage in operations that include
credits card transactions are required to complete the payment card
business scope survey. You may take the survey here:
If you have additional questions or issues, or you would like a copy
of all the questions before going online to fill out the forms,
please contact Gene Willacker at [log in to unmask], or
4-4110 (517-884-4110).
Background:
MSU was recently informed by our bank, Bank of America Merchant
Services (BAMS), that we are required to validate MSU’s compliance
with the Payment Card Industry Data Security Standard (PCI DSS)
early next year. We have not been asked to provide this information
to the bank for a long time, so it is important that we have every
unit on campus review their payment card processing methods and
security, and submit written documentation to the Cashier’s Office
by March 31, 2014. MSU cannot be considered compliant unless every
merchant is compliant.
According to the bank’s policy, we must report on all credit card
business being done by every department and unit on campus, whether
the transactions are processed through BAMS or not. We are aware
that there are several MSU persons, areas, or entities accepting
credit card payments using methods that are not listed under the
guidelines in the MSU
Manual of Business Procedures
(http://ctlr.msu.edu/COMBP/mbp17EBS.aspx). Those operations must
also report to the Cashier’s Office. This is the time for those
operations outside of MSU guidelines to come forward and discuss
their payment card business with us, so that we can validate that
the business process meets MSU and PCI compliance requirements.
The first step in this process is our Fall 2013 scope survey, to
determine every area and method used by MSU in accepting payment
cards. After analyzing the data received, the MSU Controller's
Office will be sending specific documents to each office to collect
the appropriate compliance documentation.
Thank you for your cooperation and assistance with this process.
Gene
--
Gene Willacker, PCIP, PCI ISA
PCI Compliance Officer
Controller's Office
110 Administration Building
Michigan State University
517-884-4110