OVERVIEW

The article outlines helpful tips to take note of in terms of customer card data. 

Tips:

• Help protect customer card data.  A breach can be very costly for the university.

• University rules for payment card acceptance:

  • Never create an electronic record containing card numbers,

  • Avoid creating paper records containing card numbers,

  • Never accept card numbers sent by email,

  • Participate annually in security awareness training, and

  • Detect, contain, and report card data breaches to Business Affairs.

• Never send SSNs by email.

• Avoid storing other sensitive data on portable devices and media which is often lost or stolen.

• Be wary of phishing emails, suspicious calls requesting private data, and terminal repair visitors.

• Make sure your department has written procedures for handling card data.

• Make sure the customer has signed their card.

• Inspect the card and monitor customer behavior for signs of fraud.

• Inventory and secure card terminals.

• Process EMV cards using the chip.

• Inspect terminals for signs of tampering and replacement at the beginning of each business day.

• For card-not-present transactions, it is best to accept and process the number over the phone.

Related articles

CONTACT US

• workcontrolcenter@uoregon.edu

• 541-346-2319

• Facilities Website