Finance is currently rolling out a phased project to ensure that the University becomes PCI Compliant via The Payment Card Industry Data Security Standard (PCI DSS).
What is PCI DSS (Payment Card Industry Data Security Standard)?
PCI DSS are payment industry guidelines specifically engineered to improve the overall security of the digital card payment process and its digital environment. Adopting PCI DSS at the university will ensure that we handle card payments according to specific regulations, maintain the security of card transactions and prevent data breaches. As we live in a digital and connected world, adopting PCI DSS will help detect and reduce the chances of card fraud.
How will PCI DSS specifically benefit students at the University?
Providing certified compliant payment options will maintain our credibility and trust with students and other customers who use campus facilities and pay for University goods and services online. PCI DSS also contributes to our GDPR obligations ensuring we handle customer data following the highest standards
How long will the PCI DSS improvement process take to roll out?
We expect to complete this process within the next 12 months. The Finance Department has appointed a specialised person to carry out this project, Edward Li, who will be completing audits on campus, assessing and developing our cardholder data environment (CDE), and gathering data from members of staff. In the long term, we will maintain our compliance through a monitoring and development program and report our compliance annually.
What can you do to help?
The University policy is to NOT store card details. All processing should be through University approved payment channels such as the online store.
Please take a moment to think about any places you might be requesting or storing payment card details outside these regulations. There may be forms requesting card numbers still in use or old forms published on the website. We’d really appreciate these being removed or highlighted to us so we can provide secure payment alternatives.
If you have questions or comments on this, please contact us.