Credit Card Processing
WPI accepts the following credit cards for payment to student accounts, gifts, conferences and events, recreation center memberships, and other miscellaneous remittances: Visa, MasterCard, Discover, and American Express.
Student Account Payments via Credit Card
Credit card payments for student accounts are only accepted online using WPI’s third-party servicer CASHNet. For information on how to login to CASHNet to make a credit card payment on a student account, please see the Bursar’s page on tuition payment options.
Departmental Credit Card Services
All payment card processing at WPI must be approved by the Financial Services office. If your department is interested in accepting credit card payments, please contact Director of Financial Services Nancy Smith via email or at +1-508-831-6091, to schedule a meeting to discuss the option that best fits your departmental needs. Please be prepared to discuss the following:
- What is the beginning date and, in the case of temporary requests (e.g., conferences), termination date of the credit card activity?
- What is the estimate of the expected departmental volume, including information on the expected number of transactions, average dollar amount of the transactions, and any expected cyclical nature of the credit card activity?
- In conjunction with the Director of Financial Services, assess the available processing options and methods (i.e., WPI secure web page, PC Processing, POS, or dial-up terminal) to determine the most appropriate option.
- Department FOAPAL for posting payments.
- Contact person to receive credit card payment information for reconciliation purposes.
Payment Card Industry Data Security Standards (PCI DSS)
WPI complies with PCI Data Security Standards. WPI does not store any credit card information and uses secure methods for processing credit card information. All our third-party servicers are also compliant with PCI DSS standards. All employees who process or have access to credit card information will receive PCI training and are required to follow the standards set forth in the PCI Data Security Standards. See PCI Q&A for more information on PCI standards.
OVERVIEW OF PCI
- Only those with a “need to know” are granted access to credit card and electronic payment data.
- Email cannot be used by any WPI employee to transmit credit card or personal payment information.
- Credit card or personal payment information is never downloaded onto any portable devices such as USB flash drives, compact discs (CDs), laptop computers, or personal digital assistants (PDAs).
- Fax transmissions (both sending and receiving) of credit card and electronic payment information occurs only on those fax machines where access is restricted to those individuals who must have contact with payment card information in order to do their jobs.
- The storage of personally identifiable credit card or payment information on WPI computers and servers is prohibited.
- Only secure communication protocols and/or encrypted connections to the authorized vendor are used during the processing of eCommerce transactions.
- The three-digit card-validation code printed on the signature panel of a credit card is never stored in any form.
- The full contents of any track from the magnetic stripe (on the back of a credit card, in a chip, etc.) are never stored, in any form.
- All but the first and/or last four digits of any credit card account number are always masked, should it be necessary to display credit card data.
- All media containing credit card and personal payment data that is no longer deemed necessary or appropriate to store are destroyed or rendered unreadable.