Third Party Merchant Services and Mobile Pay Devices

By Bobbi McCracken (Associate Vice Chancellor for Financial Services and Controller) |
Riverside, Ca –

There have been a number of inquiries regarding the use of third party merchant services and mobile pay devices, such as PayPal, Square and Stripe. Per Office of the President, at this time due to credit card security concerns and UC exclusive merchant services agreement with Bank of America, these credit card payment processing services CANNOT be utilized by any UC Entity. It is my understanding that no other UC campus merchants have been authorized to utilize these services. The UC policy covering credit card usage is available in the Business and Finance Bulletin BUS-49 and our local procedures UCR policy 200-17 Credit/Debit Card Acceptance.

UC does recognize that there is a potential benefit to the University due to the ease-of-setup, minimal startup fees, and convenience of these types of merchant services. Third party merchant service providers are making progress to improve the security concerns associated with accepting credit card payments on phones, tablets, and mobile devices, and UC is currently exploring options with our Payment Card Industry (PCI) Qualified Security Assessor, Coalfire, which may address the current security concerns over the protection of customer credit card information. As more information becomes available on the outcome of these assessments, it will be disseminated to the campus. In the meantime, please note that Bank of America Merchant Services (BAMS) does offer similar functionality via their PCI compliant wireless terminals.

If any third party merchant services, such as PayPal, Square, or Stripe, have already been implemented by your unit, please suspend all credit card processing immediately and contact our campus credit card coordinator and Director of Student Business Services/Cashiers, Asirra Suguitan, at Your cooperation with complying with UC policy and protecting customer credit card information is appreciated.