CREDIT CARD PAYMENT IT INITIATIVE. The Usual Suspects Eric JeanesFrank FeagansMatt GeorgeRobbyn...
11
CREDIT CARD PAYMENT IT INITIATIVE
Transcript of CREDIT CARD PAYMENT IT INITIATIVE. The Usual Suspects Eric JeanesFrank FeagansMatt GeorgeRobbyn...
CREDIT CARD PAYMENT IT INITIATIVE
The Usual Suspects
Eric Jeanes Frank Feagans Matt George Robbyn Lennon
Daniel Mcconnell
Keith Wilburn Cheryl Novalis-Marine
Ed Xia
Kelly Bogart Gil Salazar Greg Horner Mark Barton
Robert Casler Robert Lanza Joseph Corso Judith Mayoral-Schnee
Chris Schreiber
Matt George Ben Emmons Bernadine Cannon
Wayne Peterson
Htay Hla
Payment Process
Look
& F
eel
Logo
s an
d H
eade
rs
Prod
uct D
iver
sity
Shopping Cart Functions
Secure & PCI Compliant
Cybersource OR Other Authorized Gateway - Merchant Link - BlackBoard - etc…
Auth
oriza
tion:
Au
to o
r Man
ual S
ettle
Need to know the Source: Where the charge came from
Customized Receipt and Identification in Credit Card Statement
Need to create a Cybersource Account
Option 2: One Cybersource account for whole campus
Option 1: One Cybersource account per Event or Unit
A central e-commerce solution that:• Handles security and
vulnerability scans• Is Customizable• Puts up “products” in a
timely manner• Allows for data collection• Integrates with Bursar
accounts and KFS accounts• Has log management
Estimated Costs
TASK People Time Money Frequency
Set up Merchant Account with B of ACAMPUS MERCHANT BANK CARDS (CREDIT) ACCEPTANCE AGREEMENT Responsible Person & Department HeadSet up Authorization Gateway account (e.g. Cybersource, Authorize.net; PayflowPro) $20.00 month
Set up purchasing interface (shopping cart) Web Developer 20 hrs once per storefrontcreate web pages using custom codingORPurchase 3rd party shopping site (e.g. RegOnline; UA Foundation; or 3DCart)
Support 60 hrs Annual
Purchase Reconciliation Business Mgr/Accountant assume 1 kuali account per cybersource merchantdepends on activity level and number of accounts per store
PCI Scans and updating/patching Sys Admins 128 hrs AnnualExternal Server ScansInternal Server ScansApplication Scans includes Developer Annual
Compliance Procedures/Documentation 20 hrs AnnualMerchant SummaryMerchant AgreementSAQ / PCI CertificationCredit Card PolicyCollege/Dept'l ProceduresProcess FlowchartTraining 3rd Party VendorIncident Response PlanScan Results TOTAL ANNUAL LABOR 228 hrs @ $75/hr $17,100
per Storefront
From Meeting #3 Feb. 5, 2013
E-Commerce Service
Central Shopping Cart
Common DRUPAL Codebase
DB1 DB2 DB3 DB4 etc
1 Cybersource Accountper Department or Website
site1 2 3 4 5 6
Estimated 80 SAQ A Merchants
Dept1Website
Dept2Website
Dept3website
Etc…
1 Payment Gateway / 1 Cybersource Account for Campus
Distribute to KUALI Accountsvia Reports
Option 1 from Slide 1 Option 2 from Slide 1
3rd Party PCI-Compliant E-Commerce
Service (s)RegOnline, 3DCart, etc.
Dept1Website
Dept2Website
Dept3website
Etc…
Cybersource or Other Payment Gateways –
Per Department or EventDistribute to KUALI Accounts
After Meetings 4 & 5; Recommended Solutions: Option 1: Use 3rd Party PCI Compliant service -SAQA Merchants Only
PCI Scanning may not be required for these servers
if payment gateway is not
ours
Check mailed back to department from
RegOnline
E-Commerce in a Box from UITS –
PCI-compliant merchant service(coming soon)
Dept1Website
Dept2Website
Dept3website
Etc…
Cybersource or Other Payment Gateways –Per Department or Event
Distribute to KUALI Accounts
After Meetings 4 & 5; Recommended Solutions: Option 2: Use 3rd “E-Commerce in a Box” -SAQA Merchants Only
PCI Scanning not required for these
servers (TBD)
Anticipated Gains
• $$$ Annual Savings• Reduced Institutional Risk• Increased Collaboration based on common solutions• Increased Efficiencies
Still Needed:• RegOnline account management process (Bursar Ofc.
coordinating)• e-Commerce in a box (UITS)
Estimated Savings
Credit Card Merchant Services Process SAQA only
TASK People Savings Time Money Frequency
Set up Merchant Account with B of ACAMPUS MERCHANT BANK CARDS (CREDIT) ACCEPTANCE AGREEMENT Responsible Person & Department HeadSet up Authorization Gateway account (e.g. Cybersource, Authorize.net; PayflowPro) $20.00 month
Set up purchasing interface (shopping cart) Web Developer 10 hrs 20 hrs once per storefrontcreate web pages using custom codingORPurchase 3rd party shopping site (e.g. RegOnline; UA Foundation; or 3DCart)
Support 60 hrs Annual
Purchase Reconciliation Business Mgr/Accountant assume 1 kuali account per cybersource merchantdepends on activity level and number of accounts per store
PCI Scans and updating/patching Sys Admins 64 hrs 128 hrs AnnualExternal Server ScansInternal Server ScansApplication Scans includes Developer Annual
Compliance Procedures/Documentation 20 hrs AnnualMerchant SummaryMerchant AgreementSAQ / PCI CertificationCredit Card PolicyCollege/Dept'l ProceduresProcess FlowchartTraining 3rd Party VendorIncident Response PlanScan Results TOTAL ANNUAL SAVINGS 74 hrs @ $75/hr $5,500
CAMPUS-WIDE ANNUAL SAVINGS (80 SAQ A Merchants) $444,000
CREDIT CARD PAYMENT IT INITIATIVE
THANK YOU!!
QUESTIONS & DISCUSSION
