NDSU discourages the practice of accepting credit card information that has been written down. In order to provide the highest level of security to our customers, it is strongly encouraged that credit cards be swiped or otherwise electronically processed on a system that is considered secure by the PCI Security Council. No data should be retained by the department in regards to credit card numbers. Receiving credit card numbers by fax, email, or postal mail is prohibited by the PCI Security Standards council.

• Policy on Electronic Financial Transactions
• Procedure regarding Electronic Financial Transactions
• Procedure regarding Mobile Electronic Financial Transactions
• NDSU Incident Response Plan for Suspected or Confirmed Credit Card Security Breach

If you would like to enable your customers to pay you via credit card, the following options are available to you:

1. Customers with charges posted on Campus Connection have the option to pay their charges online. Please see: Credit Card Payments from Corporate Customers
2. Utilize Nelnet to post products and services and collect payments online.
3. Utilize a card swipe machine purchased from Bank of North Dakota. If your department would like to request a credit card swipe machine from Bank of North Dakota, please complete the Departmental Request for Dial up Credit Card Machine form.
   • Any employees responsible for processing/receiving cardholder data must complete the appropriate Credit Card Training module.
   • Login with your NDSU Account Credentials (same as Blackboard, computer clusters; requires Duo Authentication)
   • Courses -> NDSU Employee Training
     • Managers/Supervisors must complete the PCI Training for Managers (please contact Carrie Petersen at carrie.a.petersen@ndsu.edu or 231-7545 to be enrolled in this course).
     • All other staff must complete the Credit Card Training (self-enrollment available).
4. Utilize a third party vendor to process credit card payments for you. If your department would like to request a third party vendor for credit card collection you must complete the Departmental Request for Other 3rd party Online Processor form and submit it, along with the additional requested information, to the VP for Finance and Administration, the VP for Information Technology and Customer Account Services for approval.
   • Any employees responsible for processing/receiving cardholder data must complete the appropriate Credit Card Training module.
     • Login with your NDSU Account Credentials (same as Blackboard, computer clusters; requires Duo Authentication)
     • Courses -> NDSU Employee Training
       • Managers/Supervisors must complete the PCI Training for Managers (please contact Carrie Petersen at carrie.a.petersen@ndsu.edu or 231-7545 to be enrolled in this course).
       • All other staff must complete the Credit Card Training (self-enrollment available).