Skip to main content
Search
Southern Illinois University Edwardsville Logo
Apply to SIUE
Sun setting on Rendleman Hall

Bursar Sub MenuDismiss

  Pay My Bill FAQ Students & Parents About Us Contact Us University Staff

University Staff

Bursar University Staff
Processing Options Who to Contact Security & Compliance FAQ Merchant Request Form Selecting a New POS Device Vendor Resources

Security & Compliance FAQ

Credit Card Security

The University has established the SIU PCI DSS Information Security Policy in order to protect personal cardholder information.

University staff members involved with credit card processing must complete annual security awareness training. Contact Dawn Sparks at dsparks@siue.edu to access the training.

What is PCI DSS?
Payment Card Industry Data Security Standards (PCI DSS) is the result of a collaboration of the major credit card associations to establish a single data security standard designed to protect sensitive cardholder information. Any entity that stores, processes or transmits cardholder data (including credit and debit cards) must comply with PCI DSS requirements.
What are PCI DSS requirements?

PCI DSS requirements are defined by the Payment Card Industry Security Standards Council (PCI SSC). Within the standards there are 12 basic requirements and over 180 specific tasks. Visit the PCI Security for details.

Who has to comply with PCI DSS?
Any entity that stores, processes or transmits cardholder data (including credit and debit cards) must comply with PCI DSS requirements.
What can happen if I am not in compliance with PCI DSS?
  • Non-compliance can result in fines and remedial efforts that could easily exceed $1 million. Costs include fines, forensic exams, cardholder notifications, setup of a call center, credit monitoring and more costly compliance requirements. The costs would be the responsibility of the merchant.  
  • Fraud and identity theft are a risk to customers (students, faculty/staff and general public) if a department is non-compliant.  
  • Breach of cardholder information can result in negative publicity and damage to SIU's reputation.  
  • Non-compliance can result in the loss of credit card and debit card acceptance privileges.
Who do I contact if I believe credit card information may have been compromised?

Contact Bursar's Office Dawn Sparks dsparks@siue.edu, 618.650.5273 or James Burgdorf at jburgdo@siue.edu, 618-650-3138.  Campus Police and Information Technology would also be involved in an investigation.

Who has to attend annual credit card security training?    
  • Has access to cardholder data  
  • Fiscal officer of account in which credit card payments are credited and/or their delegate  
  • Handles credit card payments as part of their regular job duties. Personnel who handle credit card payments on a one time or temporary basis are recommended to complete training, but not required.
What credit card information can I store?
The following information may never be stored after transaction has processed: Full Magnetic Stripe, Card Validation Code (CVC2/CVV2) and PIN. If storage of any cardholder information, electronic or hard copy is necessary, contact the Bursar's Office to discuss acceptable storage methods.
How do I get approval to begin accepting credit card payments or to begin using a new credit card processing method? (Such as accepting online payments at an SIUE website.)

Contact Bursar's Office Dawn Sparks at dsparks@siue.edu, 618-650-5273 or James Burgdorf at jburgdo@siue.edu, 618-650-3138.

© 2024  SIUE, Edwardsville, IL 62026 Contact SIUE Privacy Notice | Consumer Disclosures & Complaints Equal Opportunity Employer Employment Emergency Notification (e-Lert)

Southern Illinois University Edwardsville is authorized to operate as a postsecondary educational institution by the  Illinois Board of Higher Education.