PCI Compliance
BYU is committed to protecting sensitive cardholder information. We adhere to the standards described in the Payment Card Industry Data Security Standards (PCI DSS). We also require all third party vendors that process credit cards in behalf of BYU to comply with the same standards.
If you suspect any compromise or breach of security related to credit card information, immediately contact Gene McMurtrey at ext. 2-3403.
Please click on the following links to access the related items:
PCI Data Security Standards (PCI DSS)
Merchant Credit Card Policy - Located in the University Handbook (Through Route Y)
Merchant Credit Card / E-Commerce Policy
As stated in the Merchant Credit Card / E-Commerce Policy, BYU community credit card transactions involving commerce conducted across Internet platforms (e-commerce) must follow these procedures. Doing so will help to ensure that proper security, accessibility, branding, tax, and transaction compliance requirements are met. Departments, student organizations, and other business activities that do not adhere to these procedures put the university at risk for data security, tax collection / remittance, and other compliance-related violations that could be harmful to the entire BYU community.
Soft Phone (RingCentral) Procedure
Please note that if taking credit card payments over the phone, all cardholder data must be communicated through a physical phone only. It is NOT PCI compliant to take credit card payments over a soft phone routed through your computer or a soft phone application. It is expected that all cashiers adhere to all PCI standards and BYU’s merchant credit card/e-commerce policy and procedures.
Contacts
Gene McMurtrey
801-422-3403
Trainings
PCI Call Center Employee Training
PCI Call Center Supervisor Training
PCI Enterprise Employee Training