credit cards at uva

CREDIT CARDS AT UVACREDIT CARDS AT UVA

Tim Sigmon

Sandy Bryant

Deborah Mills

January 11, 2001

BACKGROUNDBACKGROUND

Needed to accept credit cards for a variety of services– Donations– Admissions fees– Continuing Education– Conference & event fees–many others


Partnered with the University Comptroller– Accounting issues– Credit card balancing issues– Procedures for approving credit card usage

for the service


Decisions for Phase I– Credit cards for services only; no goods– Did not want to store credit card numbers

on university machines– ITC would provide the credit card

infrastructure– Departments would develop or would

contract for development of the “storefront” and the backend processing

PILOT PILOT

Examined options for the acquiring financial institution (Cybercash, Signio, SurePay, ...)

Selected SurePay ITC developed the infrastructure ITC developed the “storefront” and the

backend processing for the pilot Long-term the ITC Business Services group

will customize a template for the “storefront” & backend for a fee

PILOTPILOT

Architecture– Java servlets & JSPs– SurePay Java SDK, transactions in XML– Tomcat – v.3.1– Apache – v.1.3.12 with SSL– Locally written software – straightforward &

available– Hardware – Sun Ultra 10, 440 MHz, 512 MB,

mirrored 9GB drives– Identical warm spare – moveable disk array

Departmental Web Server

1. The department gather the contact and purchasing data…

Name:Item Cost Quantity

1 $10.00

2 $15.00

John Doe

Calculate Total

10

3


HTTP

Credit Card Gateway

2. Computes the total and returns a confirmation screen with hidden fields specifying the Credit Card Gateway

Please Confirm! $100.00

$45.00

Total: $145.00

Yes


HTTP

<form = ccgatewayURL>

<sender = department>

<total = 145.00>

Page Source

Name Total

John Doe $145.00

Credit Card Gateway

3. The Credit Card Gateway returns a form requesting Credit Card number…

Credit Card Type

CC Number:

Total: $145.00Submit

HTTP

SSL

VISA

********

Credit Card Gateway

4. The Credit Card Gateway returns a screen confirming the request was received and simultaneously passes the information to the Credit Card Authorizer

Thanks!

Your submission has been received.

Return to Department

HTTP

SSL

SurePay Server

Credit Card Gateway

5. The Credit Card Authorizer sends authorization status to Gateway. Gateway passes status (via email, http, etc.) to department

HTTP

or

email

SSL

SurePay Server


Authorize

or

Decline

6. Department contacts individual (via email, phone, etc.) with status of credit card transaction.


email

Your VISA card has been authorized for $145.00.

You are now enrolled in …

Thank you

[email protected]

Name Total Status

John Doe $145.00 Authorized

Web Manager

SurePay Server

John Doe

$145.00 Authorized

Monies moved into account

=

7. Department then uses the Credit Card Authorizer’s web management system to record business activity to later compare with bank’s account statements.

PILOTPILOT

Areas using the credit card gateway or interested in using it– Continuing Education– International Health– Casenex– Development site– Cavalier Advantage Card– Parking and Transportation– Transcripts– Box Office type transactions

ISSUES TO CONSIDERISSUES TO CONSIDER

Understand the fee structure of the acquiring financial institution and negotiate

Work with your finance area on procedures for setting up merchant IDs and institutional procedures

Audit approvalUnderstand address verification and

how and where you will/will not use this


Fraud prevention capabilities don’t make a lot of sense for long term services

Work with the finance area on the web interface for transactions and settling

Tomcat – not in the standard build for web servers

Learning curve for departments – setting up their site and processing credit cards


Asynchronous confirmation for customers on the results of the charge– Big sites do this– Accepting/rejecting the transactions

dealt with differently by departments

credit cards at uva

Documents