In order to reduce risks associated with the Payment Card Industry Data Security Standard (PCI DSS), any department or organization at the University of Tennessee or  wishing to start credit card processing must follow UT policy FI0311 – Credit Card Processing. Below you will find a collection of documents and information that will help you in getting started with accepting credit cards as well maintaining PCI compliance once you start accepting them.


Getting Started

Prospective merchants must complete a point of sale/internet sales approval form, a credit card processing policy, a Self Assessment Questionnaire, and PCI Training prior to accepting credit card payments.

Please contact Justin Holt at or 865-974-4100 with any questions you have about this process.


UT Policies

Fiscal Policy FI0311 – Credit Card Processing

IT Policy IT0110 – Acceptable Use of Information Technology Resources

IT Policy IT0115 – Information and System Classification


Forms for Prospective Merchants

Point of Sale and Internet Sales Approval Form

Credit Card Policy Template


Self Assessment Questionnaires (Version 3.2 rev 1.11)

Which SAQ Do I Complete?

  • SAQ A – For “card not present” merchants
  • SAQ B – For merchants using standalone, dial-out terminals not connected to the Internet.
  • SAQ B-IP – For merchants using standalone, ethernet connected terminals.
  • SAQ C-VT – For merchants using isolated virtual payment terminals on a personal computer connected to the Internet
  • SAQ P2PE – For merchants who process cardholder data only via a  PCI-DSS listed Point-to-Point
    Encryption (P2PE) solution.


PCI Training

2020 PCI Compliance Training


E-Commerce Startup Contacts

Touchnet – UT-Knoxville
Mark Savage – Email:  Phone: 865-974-2205

Touchnet – UTIA
Mark Savage – Email:  Phone: 865-974-2205

Touchnet – UT-Chattanooga 
Vanasia Parks – Email  Phone: 423-425-4343

Touchnet- UT-Martin
Doug Bloodworth – Email: Phone: 731-881-3852

Touchnet -UT Health and Science Center 
Byron Porter – Email:  Phone: 901-448-4848


Standard Point of Sale Terminals Available for Purchase or Rental

Verifone VX520

Ethernet or Dial-Up Capable

Purchase Price $481

Ingenico iWL250

Wireless Cellular Terminal

Purchase Price $733 + $20 Sim Card + $19 Per Month Cellular Fee

Rental Price $36 Per Month + $20 Sim Card + $19 Per Month Cellular Fee



Security Awareness Information

PCI Credit Card Security Flyer

PCI DSS Handout

Insight From VISA To Keep Your POS Equipment Secure

PCI and What Not to Store


PCI Standards and Procedures for UT Merchants

PCI DSS Incident Response Plan

PCI DSS Penetration Testing Standard

PCI DSS Security Awareness Program Standard

PCI DSS Vulnerability Scanning Standard


Additional PCI Resources

PCI Security Standards Website

Visa Global Registry of Service Providers