Financial Affairs

CONTRACTUAL AND REGULATORY REVIEW

Every DePaul University merchant must comply with all terms and conditions of all payment card company contract and service agreements. Below are some key points:

• You must honor all valid cards within your acceptance categories when properly presented for payment, without discrimination, unless Laws expressly require otherwise.

• You must maintain a policy that does not discriminate, unless Laws expressly require otherwise, among cardholders seeking to make purchases with a particular brand of Card accepted by you.

• Discover Network, Visa and MasterCard regulations prohibit listing a cardholder’s personal information on the transaction receipt because it can expose a cardholder to increased risk of fraud.

Every DePaul University merchant must comply with all regulatory and industry standards.
Below are some key points:

• Merchant does not store any cardholder data in electronic format, and

• If merchant does store cardholder data, such data is only in paper reports or copies of receipts and is not received electronically.

For more information please see the following links:

American Express Data Security Site
Discover Financial Services Fraud & Security Site
Illinois Statue Public Act 097-0483 The Personal Information Protection Act
Mastercard Data Protection & PCI Site
Elavon's PCI Compliance Site
Payment Card Industry Data Security Standard (PCI DSS)
Visa Data Security News & Resources