The payment card industry (American Express, Discover Financial Services, JCB, MasterCard Worldwide, and Visa International) created a set of security standards to protect their customers from increasing identity theft and security breaches. This set of security standards is called Payment Card Industry (PCI) Compliance. More recently a new set of standards were issued for payment applications such as the credit card machines and online payment processing, Payment Application – Data Security Standards (PA-DSS).
Oakland University is required to be PCI Compliant because the university accepts processes, transmits or stores credit card information. If Oakland University contracts with a vendor or service provider to accept, process, transmit or store credit card information, the vendor is required to be both PCI and PA-DSS Compliant.
If your department or operation is considering the purchase of a system that will accept, process, transmit or store credit card information, such as credit card payment on web site or similar process, you first need to review critical University Policies in the Related Policies section below.