(Approved by the President per delegation of authority Administrative Order No. 9)
This policy establishes that University of Washington merchants accepting branded payment cards (i.e., VISA/MasterCard) must meet all UW Finance – Office of Merchant Services (Merchant Services) requirements and Payment Card Industry Data Security Standard (PCI DSS). All University merchants are required to adopt and implement approved tools, practices, and policies to comply. Failure to comply may result in financial penalties, increased cost of operations, and/or security breaches.
This policy applies to all University merchants accepting payment cards.
Merchant: Any office, unit, department, or organization at the University that accepts credit cards as a form of payment for goods and/or services. This includes temporary, seasonal, or one-time events.
Payment Cards: Credit, debit, and prepaid cards branded with one of the five partners of the PCI Security Standards Council. The five partners are Visa, MasterCard, Discover, American Express, and JCB International.
PCI Security Standards: The information security standards (published by the PCI Security Standards Council) that all merchants taking credit cards as payment are required to adopt and implement. Failure to comply may result in serious fines, penalties, and/or restrictions on merchant account activity.
Failure to comply with this policy may result in restrictions on card acceptance or closure of merchant account-related services and disciplinary action.
For additional information contact Merchant Services.
April 30, 2009; May 13, 2009; October 15, 2018; March 3, 2020.