eCommerce and Merchant Services

Learn about best practices, Michigan State University standards, and available tools for accepting credit and debit card payments at MSU.

Announcement

Complete Online PCI Training before Thursday, August 31, 2017

What is occurring?

Each person with access to payment card data, applications, or systems, or who is the PCI Steward for their department, is required to take PCI training at the point of hire and annually, at a minimum.  This action is required for MSU to assert compliance to our bank and the card brands.

This training is for anyone who has access to a CASHNet store, operates a Credit Card Terminal on campus, helps reconcile credit card revenue, manages operations dealing with credit card revenue, or is a PCI Steward.  This does not apply to P-Card holders or activity.

This annual training takes place within our D2L portal, similar to HIPAA and FERPA.

What do I need to do? Please visit IT security page https://secureit.msu.edu/train/pci-dss.html for the instructions to sign in to D2L.  The instructions can also be found on our eCommerce website here.  This training is expected to take about 15 minutes and will have a short quiz at the end.  The quiz results will not be tracked and you only need to take the training.  For those of you who wish to review the quiz questions, a guide to the questions can be found hereYour training has to be completed before Thursday August 31, 2017.   

Do I have to?

Yes, if you fit into the criteria listed above, it is mandatory.  The PCI training is required by the Controller’s Office, MSU IT Security team, and the PCI team.  The University attests campus compliance yearly to their acquiring bank, training offerings for applicable employees is a mandatory requirement.

The Controller’s office only has visibility on PCI Stewards and CASHNet users.  We are relying on Managers to forward this training on to applicable employees that have a role in “swipe” Credit Card Terminal locations.

Disclaimer: If you manage a location with volunteers, who by nature do not have a MSU Net ID but are trained to operate credit cards devices on behalf of the University, you may have them sign an updated Employee Security Statement for 2017.

Please contact the Cashier’s Office at 517-355-5023 or pcidss@ctlr.msu.edu if you have any questions.

Thank you for your continuing efforts to keep MSU compliant!