eCommerce Payment Acceptance at Yale (ePAY) Project Launch

August 19, 2020

The University is launching the eCommerce Payment Acceptance at Yale (ePAY) project to standardize credit card payment acceptance, processing, and reporting across Yale.  Beginning this summer, the project will develop and implement an eCommerce platform that is Payment Card Industry Data Security Standards (PCI DSS) compliant and meets departments’ credit card processing needs.

Details

Departments currently accepting credit card payments are required to meet credit card acceptance standards mandated by the Payment Card Industry Data Security Standards (PCI DSS). Compliance reporting and administration can be effort and time-intensive for the individual departments and the University. These efforts are compounded by a current e-commerce landscape of up to 300 Merchant ID’s and different credit card processing systems across the University.

As our credit card transactions increase, our PCI DSS compliance requirements will become more complex. Compliance to PCI DSS is critical to our ability to accept credit card payments. Therefore, consolidating and standardizing our e-commerce platform will ensure the University has a scalable, efficient, and compliant solution that will meet its current and future needs.

Beginning in July 2020 and continuing over the next 18-24 months, Project ePAY will develop and implement an e-commerce platform that is PCI DSS compliant and meets departments’ credit card processing needs. To support this project, the University has engaged TouchNet, a leading provider of integrated, comprehensive, and secure e-commerce solutions for colleges and universities. For all departments and business operations (not using EPIC), TouchNet will work with the project team to build solutions that will:

  • standardize hardware and software solutions across the University
  • simplify our cardholder data environment to achieve a state of continuous PCI compliance, avoiding future increases in administrative requirements.
  • enhance accurate reporting in Workday where transaction details can be reported by COA
  • strengthen the Yale brand by improving the customer experience at point-of-sale
  •  improve support capability for the departments credit card processing needs
  • streamline the process for departments needing one-time or ongoing credit card processing

For departments using EPIC, including Yale Medicine, the project team will collaborate with Yale New Haven Health (YNHHS) to:

  • Establish EPIC credit card payment processing procedures
  • Implement software that will reduce applicable PCI DSS compliance controls for their call centers

The University will also soon be announcing an E-Commerce Manager that will:

  • Coordinate PCI DSS compliance efforts across departments, IT, Finance and TouchNet
  • Provide e-commerce support to departments
  • Serve as a liaison between the University and YNHHS for all PCI DSS compliance issues

F.A.Q.

When will my department be contacted for deployment?

Departments will be migrated to the new solution in phases over the next 18-24 months. The project team will work with each department to assess their credit card processing environment, deploy a solution tailored to their needs, and determine the timing for their deployment. While the project plan is still being finalized, we expect the phases to deploy as follows: 

  • October 2020– December 2020
    • Departments who have volunteered and are currently without an eCommerce or credit card acceptance capability
  • January 2021– December 2021
    • Departments that currently have or need an eCommerce solution
  • July 2021 -June 2022
    • Departments with or needing Point-of-Sale solution

We will work with your department to determine the best time period for your department. Please email ePAY@yale.edu if you would like to volunteer for earlier deployment timing or to identify any timeframe we need to avoid in deploying the new solution for your department. 

Departments needing credit card processing capability or needing a new system or upgrade must contact ePAY@yale.edu before selecting a new system or finalizing any agreements.

Our credit card processing works well; why do we need to change?

As our credit card transaction levels increase, it becomes increasingly vital that we build a platform that will grow with our needs and ensure our continued ability to accept credit card payments. The solution deployed for each department will depend on many factors; the department’ s processing needs, ensuring PCI compliance, and standardizing hardware and software are the primary considerations. For some departments, there may be a change to point-of-sale devices; for others, only the back-end processing of the card transaction will change. The team will work with you to build the solution that will meet your needs, keep you fully informed, and train staff on any required changes.

Questions about the Project?

Contact ePAY@yale.edu with any questions regarding this project.