In order to reduce risks associated with the Payment Card Industry Data Security Standard (PCI DSS), any department or organization at the University of Tennessee or  wishing to start credit card processing must follow UT policy FI0311 – Credit Card Processing. Below you will find a collection of documents and information that will help you in getting started with accepting credit cards as well maintaining PCI compliance once you start accepting them.

Getting Started

Prospective merchants must complete a point of sale/internet sales approval form, a credit card processing policy, a Self Assessment Questionnaire, and PCI Training prior to accepting credit card payments.

Please contact Justin Holt at holt@tennessee.edu or 865-974-4100 with any questions you have about this process.

UT Policies

Fiscal Policy FI0311 – Credit Card Processing

IT Policy IT0110 – Acceptable Use of Information Technology Resources

IT Policy IT0115 – Information and System Classification

Forms for Prospective Merchants

Point of Sale and Internet Sales Approval Form

Credit Card Policy Template

Contacts to obtain Approvals

Self Assessment Questionnaires (Version 3.2 rev 1.11)

Which SAQ Do I Complete?
For “card-not-present” merchants

SAQ A   
For merchants using standalone, dial-out terminals not connected to the Internet

SAQ B
For merchants using standalone, Ethernet connected Terminals

SAQ B-IP
For merchants using isolated virtual payment terminals on a personal computer connected to the Internet

SAQ C-VT

For merchants who process cardholder data only via a  PCI-DSS listed Point-to-Point
Encryption (P2PE) solution.

SAQ P2PE

 

PCI Training

2018-PCI-Training (allow a few seconds for the file to download to your computer)

E-Commerce Startup Contacts

Touchnet – UT-Knoxville
Mark Savage – Email: mark@utk.edu  Phone: 865-974-2205

Touchnet – UTIA

Mark Savage – Email: mark@utk.edu  Phone: 865-974-2205

Touchnet – UT-Chattanooga 

Vanasia Parks – Email vanasia-parks@utc.edu  Phone: 423-425-4343

Touchnet- UT-Martin

Doug Bloodworth – Email: dbloodworth@utm.edu Phone: 731-881-3852

Touchnet -UT Health and Science Center 

Byron Porter – Email: bporter3@uthhsc.edu  Phone: 901-448-4848

 

Standard Point of Sale Terminals Available for Purchase or Rental

Verifone VX520

Ethernet or Dial-Up Capable

Purchase Price $481


Ingenico iWL250

Wireless Cellular Terminal

Purchase Price $733 + $20 Sim Card + $19 Per Month Cellular Fee

Rental Price $36 Per Month + $20 Sim Card + $19 Per Month Cellular Fee


 

 

Security Awareness Information

PCI Credit Card Security Flyer

PCI DSS Handout

Insight From VISA To Keep Your POS Equipment Secure

PCI and What Not to Store

 

PCI Standards and Procedures for UT Merchants

PCI DSS Incident Response Plan

PCI DSS Penetration Testing Standard

PCI DSS Security Awareness Program Standard

PCI DSS Vulnerability Scanning Standard

 

Additional PCI Resources

PCI Security Standards Website

Visa Global Registry of Service Providers

Elavon 

Touchnet