Acceptance of credit/cebit card payments

August 7, 2019

Yale is currently undertaking an initiative to evaluate acceptance of credit/debit card payments across the entire University.  The objective of this project is to streamline processing, enhance security, and facilitate annual PCI compliance with a goal of increasing standardization.

Yale recently underwent a compliance audit performed by Security Risk Advisors. This audit resulted in several recommendations, including:

  1. Develop a list of approved payment technologies, including the requirement of Point-to-Point Encryption (P2PE) across all point of sale locations.  Deploy Point-to-Point Encryption (P2PE) devices across all payment channels identified as an SAQ C or DAQ C-VT within the Yale PCI Asset Inventory.
  2. Develop a list of Approved PCI Compliant Solutions.
  3. Implement Approved Solutions.

Upon completion of this initiative, revised Policy 2820 Acceptance of Credit & Debit Card Payments will dictate which approved methods will be allowed.  All other methods will be denied. 

Our consultant, Mercator, will be on campus conducting one-hour group discussions and one-on-one interviews August 13-14 and August 20-21, 2019.  If you have not yet been contacted and you accept credit/debit cards payments, please contact Liz Burnell  at, Project Manager, as soon as possible to be added to the interview list.

We would like you to attend these meetings to provide your business requirements and to ensure that your business needs are met.  This is an opportunity for you and your department to bring your comments and suggestions for future state credit/debit card processing.  Your participation in this initiative is extremely important.  Please note, failure to provide your business requirements via this initiative may result in losing your ability to accept credit/debit card payments.

Thank you in advance for your assistance and cooperation with this vital initiative.