"Charge It" Via the Internet
by Robert Ono, Campus Security Coordinator
 
Many of us routinely use the Internet to purchase goods and services. The convenience of online shopping reduces the time you might have spent making the same purchase from a call center or the time it would have taken you to physically visit the neighborhood marketplace. The benefits of Internet shopping are not a one-way proposition. Use of the Internet for retail sales also permits a merchant to reach a broader customer range and provide the customer a simple and secure shopping alternative.

The attractiveness of offering merchant services over the Internet has not escaped the attention of campus organizations. The ability to sell tickets to campus performing arts events, sporting events, and conferences; collect fees for summer academic and recreational programs; and seek online donations over the Internet has been limited by other factors. These factors include the need for accounting and security policy to provide campus direction in this new Internet marketplace and an automated settlement process between the credit card processors and the DaFIS accounting system.

Addressing the accounting, security and integration issues would permit campus organizations to process a greater number of Internet credit card sales and provide a higher level of customer service. These benefits are noteworthy given the anticipated increase in student enrollment during the next few years.


Workgroup Asked to Recommend Solutions
Information and Educational Technology (IET), with the support of the Office of Administration and Internal Audit Services, recognizes the strong campus interest in electronic commerce (e-commerce). In January, IET created the Electronic Credit and Debit Card Transaction Workgroup to look at campus needs and propose a framework for implementing a campuswide e-commerce solution. The workgroup consisted of representatives from Cash Management, Cashier's Office, Accounting Policy Coordination, IET Information Resources, Office of Administration Technology Coordination, Internal Audit Services, Transportation and Parking Services (TAPS), and the Office of the Vice Provost, Information and Educational Technology.

Over the late winter and early spring, the workgroup met with representatives from the UC Berkeley e-Berkeley program; the UC Davis Medical Center; Treasurer's Office, University of California, Office of the President (UCOP); developers of the TAPS online parking permit system; Internet payment gateway vendors; and credit card issuers and payment processors. The workgroup also reviewed the Internet credit card programs of other higher education institutions and credit card issuer security requirements. As a result of these reviews and much discussion, the workgroup developed several policy recommendations.


Workgroup Proposal for Student Transactions
Generally, student accounts are characterized by their large fixed-dollar amounts, such as student registration and housing fees. The Treasurer's Office is currently leading a review of private-sector companies that could provide students and parents the capability to securely view their bill over the Internet and make payments for these expenses through online credit/debit card or electronic funds transfer (EFT) transactions. Along with the payment, the outsourced provider assesses a small service charge from the payer to recover any discount fees imposed by the credit card issuer and to cover provider costs and profit. The outsourced provider is also responsible for ensuring its operations are in compliance with credit card issuer information security requirements. These new services differ from the current "PhoneCharge" system that is used for credit card payment of student housing fees. The "PhoneCharge" system does not provide electronic billing and generally imposes a higher service charge.

Workgroup Proposal for Retail Sales over the Internet
A typical Internet e-commerce system collects customer information and provides functions for shopping cart management, order confirmation, payment authorization, and order fulfillment. Such a system must be able to securely process credit card purchases, protect the confidentiality of customer information, and operate in compliance with credit card issuer policies. Failure to meet these requirements could lead to financial liabilities and/or penalties imposed on the campus by the credit card issuers. If that's not bad enough, loss of credit card and other personal information generally does not inspire public confidence and could violate privacy regulations. As you might recall from recent news articles, many Internet merchants have suffered embarrassing losses of customer credit card information in the past year. Some Internet merchants have even found themselves subject to extortion attempts, as some hackers have offered not to publicize the theft of the credit card information if the merchant agrees to pay the attacker a "fee."

Accordingly, the workgroup proposed new campus policies relating to:
  • The administrative approval of Internet retail offerings
  • Restrictions against cash advances and/or cash refunds for credit card purchases
  • The use of a single Internet payment authorization system
  • The protection of credit card transaction history
  • The development and support of the technical interface between the Internet payment authorization system and DaFIS
  • The development of a new campus policy identifying the security requirements that must be met by campus organizations supporting e-commerce offerings
  • The promotion of a single shopping cart system

The workgroup believes a single shopping cart system will provide a more consistent appearance and functionality across all campus Internet e-commerce applications.


Next Steps
IET and Internal Audit Services are currently reviewing the workgroup policy proposals. Upon completion of this review, the credit card policy proposals will be forwarded to campus computing councils and to the Office of Administration for discussion and incorporation into the existing draft Credit and Debit Card Program policy (330-41). The suggested e-commerce information security policies will be proposed as a new entry in the UC Davis Policy and Procedures Manual (PPM). If you have any questions on the workgroup recommendations, please contact Bob Ono, the workgroup chairperson. See the proposed policy recommendations at http://iet.ucdavis.edu/policies/ for a more detailed explanation of the group's recommendations.
