University of Dayton
Credit / Debit Card Acceptance Policy
September 1, 2009
Effective Date of this Policy:
August 1, 2008
September 1, 2009
Contact for More Information:
In order to protect credit card information, the credit card industry has introduced security
requirements that merchants must follow. These guidelines were established to minimize fraud
risk and maximize cardholder protection. Failure of merchants to comply with these guidelines
may result in fines or the possibility of not being able to accept credit / debit card payments.
EXECUTIVE SUMMARY AND PURPOSE
To protect against the exposure and possible theft of account and personal cardholder
information that has been provided to the University of Dayton during the course of business
with the University; and to comply with credit card company requirements for transferring credit
This policy applies to all University of Dayton departments, faculty, staff, students, organizations
and individuals who, on behalf of the University of Dayton, handle electronic or paper
documents associated with credit or debit card receipt transactions or accept payments in the
form of credit or debit cards. The scope includes any credit or debit card activities conducted at
all University of Dayton locations.
This policy also applies to all external organizations contracted by University of Dayton
departments, faculty, staff, students, organizations and individuals to provide outsourced services
for credit or debit card processing for University of Dayton business.
Application Server: The computer hosting the application with which the general end-users or
point-of-sale (POS) terminals connect.
Credit Card Information: Any cardholder or card information accessed to initiate a credit or
debit card transaction.
Cardholder Information Security Program