170 likes | 295 Views
CREDIT CARDS AT UVA. Tim Sigmon Sandy Bryant Deborah Mills January 11, 2001. BACKGROUND. Needed to accept credit cards for a variety of services Donations Admissions fees Continuing Education Conference & event fees many others. BACKGROUND. Partnered with the University Comptroller
E N D
CREDIT CARDS AT UVA Tim Sigmon Sandy Bryant Deborah Mills January 11, 2001
BACKGROUND • Needed to accept credit cards for a variety of services • Donations • Admissions fees • Continuing Education • Conference & event fees • many others
BACKGROUND • Partnered with the University Comptroller • Accounting issues • Credit card balancing issues • Procedures for approving credit card usage for the service
BACKGROUND • Decisions for Phase I • Credit cards for services only; no goods • Did not want to store credit card numbers on university machines • ITC provides the credit card infrastructure • Departments develop or contract for development of the “storefront” and the backend processing
PILOT • Examined options for the acquiring financial institution (Cybercash, Signio, SurePay, …) • Selected SurePay • ITC developed the infrastructure • ITC developed the “storefront” and the backend processing for the pilot • Long-term the ITC Business Services group will customize a template for the “storefront” & backend for a fee
PILOT • Architecture • Java servlets and JSPs • SurePay Java SDK; transactions in XML • Tomcat – v.3.1 • Apache – v.1.3.12 with SSL • Locally written software – straightforward & available • Hardware – Sun Ultra 10, 440 MHz, 512 MB, mirrored 9GB drive • Identical warm spare – moveable disk array
Departmental Web Server HTTP Name: John Doe Item Cost Quantity 1 $10.00 2 $15.00 10 3 Calculate Total • The department gathers the contact and purchasing data…
Departmental Web Server Credit Card Gateway Name Total John Doe $145.00 HTTP Page Source Please Confirm! <form = ccgatewayURL> <sender = department> <total = 145.00> $100.00 $45.00 Total: $145.00 Yes • Computes the total and returns a confirmation screen with hidden fields specifying the Credit Card Gateway
Credit Card Gateway SSL HTTP VISA Credit Card Type CC Number: Total: $145.00 ******** Submit • The Credit Card Gateway returns a form requesting Credit Card number…
SurePay Server Credit Card Gateway SSL HTTP Thanks! Your submission has been received. Return to Department • The Credit Card Gateway returns a screen confirming the request was received and simultaneously passes the information to the Credit Card Authorizer
SurePay Server Departmental Web Server Credit Card Gateway HTTP or email SSL Authorize or Decline • The Credit Card Authorizer sends authorization status to Gateway. Gateway passes status (via email, http, etc.) to department
Departmental Web Server Name Total Status John Doe $145.00 Authorized email Johndoe@virginia.edu Your VISA card has been authorized for $145.00. You are now enrolled in … Thank you • Department contacts individual (via email, phone, etc.) with status of credit card transaction.
SurePay Server Web Manager John Doe $145.00 Authorized Monies moved into account = • Department then uses the Credit Card Authorizer’s web management system to record business activity to later compare with bank’s account statements.
PILOT USERS • Areas using the credit card gateway or interested in using it • Continuing Education • International Health • Casenex (a distance learning environment) • Development (i.e., fund raising) • Cavalier Advantage Card • Parking and Transportation • Transcripts • Box Office type transactions
ISSUES TO CONSIDER • Understand the fee structure of the acquiring financial institution and negotiate (!) • Work with your finance area on procedures for setting up merchant IDs and institutional procedures • Audit approval • Understand address verification (AVS) and how/where you will/will not use this • Fraud prevention capabilities don’t make a lot of sense for long term services
ISSUES TO CONSIDER • Work with the finance area on the web interface for transactions and settling • Learning curve for departments – setting up their site and processing credit cards • Asynchronous confirmation for customers on the results of the charge • Most large sites do this • Departments deal with the acceptance/rejection of transactions differently
ISSUES TO CONSIDER • Asynchronous confirmation for customers on the results of the charge • Big sites do this • Accepting/rejecting the transactions dealt with differently by departments