Definitions

Back Office System - A method of recording credit card transactions on behalf of the customer through a secure departmental PC that utilizes the University’s network and equipment.

Breach - The unintentional release of secure information. This includes incidents such as theft, loss, or exposure of credit card or other personally identifiable information records in paper or electronic form.

Card Swipe Terminal - A mechanical device that sends electronic signals via a phone line to process credit or debit card transactions. Card swipe terminals allow an individual to swipe or key in required credit card information and electronically transmit such data to the merchant services provider.

Charge Backs - The required reversal of a credit card transaction to return funds to a card holder due to a complaint filed by the customer. A customer may initiate a chargeback by contacting their issuing bank and filing a substantiated complaint. The complaint may be refuted by the University. The dispute is then settled by the applicable Credit Card Company.

Contract with External Payment Partner - A contractual agreement between UA and an outside vendor to provide a business service to the University community. Payments made by the customer are made to the vendor’s merchant account and the University receives an agreed upon share of the proceeds. The vendor must be certified as PCI compliant and must maintain compliance status for the duration of the contract.

Controlled receipts - The use of pre-numbered receipts when cash is collected. Each number is accounted for to assure that funds for all issued receipts are deposited.

Dial-up Card Swipe Terminal - A mechanical device that sends electronic signals via a phone line to process credit or debit card transactions. Card swipe terminals allow an individual to swipe or key in required credit card information and electronically transmit such data to the merchant services provider.

Discount Fee - This is a per transaction charge for each credit card transaction. The rate is variable depending on several factors, some of which include the interchange rate at the time, the type of credit card being used, the method in which the card is processed, etc.

Funds - Any form of tender (cash, checks, credit cards, ACH, debit cards, web checks, etc).

Gateway - An e-commerce application that transmits, authorizes, and settles web payments. Payment gateways protect credit card details by encrypting sensitive information, such as full credit card numbers, to ensure that information is passed securely between the customer and the merchant and also between the merchant and the payment processor.

Hosted Payment Gateway - With a hosted payment gateway, no cardholder data is stored, processed or transmitted on UA premises or through a UA network, or stored on a UA server.  The 3rd party hosting the payment gateway must be confirmed annually to be PCI DSS compliant.

Initial Control - The creation of a record of all received funds at the first point of contact in which they are received by the department. This initial contact is crucial as the department takes possession of funds in order to ensure that proper internal control is established.

IP Card Swipe Terminal or USB Card Reader - A mechanical devise that sends electronic signals via the University network to process credit or debit card transactions. Card swipe terminals allow an individual to swipe or key in required credit card information and electronically transmit such data to the merchant services provider.

Merchant Services Account - An account that allows University departments to accept payments by debit or credit card and allows for the settlement of credit or debit card transactions. All University Merchant Service Accounts are authorized by the Office of Student Receivables.

Official University of Alabama Revenue Generating Operation - Operations that produce income by providing goods or services to the University community or, in some cases, to the general public.

Payment Gateway - An e-commerce application that transmits, authorizes, and settles web payments. Payment gateways protect credit card details by encrypting sensitive information, such as full credit card numbers, to ensure that information is passed securely between the customer and the merchant and also between the merchant and the payment processor.

Permanent Change Fund - Cash permanently assigned to a department for the purpose of making change for sales transactions.

Personal Credit Card Information - Personally identifiable information related to an individual’s credit card including the full credit card number, the expiration date, and the security code.

Personally Identifiable Information - An individual's personal data that may be subject to misuse. Examples include full credit card number, credit card expiration date, credit card security code, social security number, medical records, student records, bank account numbers, etc.

Point of Sale System - A point of sale system refers to the computer hardware, software and checkout terminals used by departmental staff to process in-person customer transactions, create and print receipts, and maintain and update the associated data bases and reports. POS systems process and transmit card holder data but do not store card holder data on University equipment or systems.

Postdated Check - Check that has been written for a date in the future.

Procedures -The sequence of actions or instructions to be followed in completing a task.

Revenue Safeguarding Procedures - Procedures established to ensure funds received by a department are properly protected and recorded on University financial records.

Secure Website - A web site that provides the capability of securely and privately exchanging data and financial transactions. This involves the encryption of data in transit.

Security Code - A three- or four-digit value printed on the card or signature strip on the back of the card, used to verify that the customer has the card in their possession or has a least physically seen the card.

Hover over light bulb or click here to see an example of a security code.

Separation of Duties - Dividing responsibilities for specific business processes to provide adequate controls to prevent misappropriation of funds and lessen errors.

Settled - At the end of the day, the department instructs the credit card machine to submit the finalized transactions, in batch, for that day to the customers’ accounts which begins the settlement process, where the funds are transferred from the customer's accounts to UA’ accounts. These transactions are then said to be “settled”.

Temporary change fund- Cash on loan to a department for the purpose of making change during events or for a short period of time.

Tender Types - funds

Ticket Accountability - Maintaining controls for tickets issued for events and activities through the use of pre-numbered tickets which are reconciled to the amount of tickets sold and deposits made.


Return to top
Revenue Generating Policies
Credit Card Policies
Student Receivables