Transcript CREDIT CARDS AT UVA - University of Virginia

CREDIT CARDS AT UVA
Tim Sigmon
Sandy Bryant
Deborah Mills
January 11, 2001
BACKGROUND

Needed to accept credit cards for a
variety of services
– Donations
– Admissions fees
– Continuing Education
– Conference & event fees
– many others
BACKGROUND

Partnered with the University Comptroller
– Accounting issues
– Credit card balancing issues
– Procedures for approving credit card usage
for the service
BACKGROUND

Decisions for Phase I
– Credit cards for services only; no goods
– Did not want to store credit card numbers
on university machines
– ITC would provide the credit card
infrastructure
– Departments would develop or would
contract for development of the “storefront”
and the backend processing
PILOT





Examined options for the acquiring financial
institution (Cybercash, Signio, SurePay, ...)
Selected SurePay
ITC developed the infrastructure
ITC developed the “storefront” and the
backend processing for the pilot
Long-term the ITC Business Services group
will customize a template for the “storefront”
& backend for a fee
PILOT

Architecture
–
–
–
–
–
Java servlets & JSPs
SurePay Java SDK, transactions in XML
Tomcat – v.3.1
Apache – v.1.3.12 with SSL
Locally written software – straightforward &
available
– Hardware – Sun Ultra 10, 440 MHz, 512 MB,
mirrored 9GB drives
– Identical warm spare – moveable disk array
Departmental
Web Server
Departmental
Web Server
HTTP
Name:
Item
John Doe
Cost
Quantity
1
$10.00
10
2
$15.00
3
Calculate Total
1. The department gather the contact and purchasing data…
Credit Card
Gateway
Departmental
Web Server
Name
Total
John Doe $145.00
HTTP
Page Source
Please Confirm!
$100.00
<form = ccgatewayURL>
$45.00
<sender = department>
Total: $145.00
<total = 145.00>
Yes
2. Computes the total and returns a confirmation screen with
hidden fields specifying the Credit Card Gateway
Credit Card
Gateway
SSL
HTTP
Credit Card Type VISA
CC Number: ********
Total: $145.00
Submit
3. The Credit Card Gateway returns a form requesting Credit
Card number…
SurePay Server
Credit Card
Gateway
SSL
HTTP
Thanks!
Your submission has
been received.
Return to Department
4. The Credit Card Gateway returns a screen confirming the
request was received and simultaneously passes the
information to the Credit Card Authorizer
SurePay Server
Credit Card
Gateway
Departmental
Web Server
HTTP
or
SSL
email
Authorize
or
Decline
5. The Credit Card Authorizer sends authorization status to
Gateway. Gateway passes status (via email, http, etc.) to
department
Departmental
Web Server
Name
Total
Status
John Doe $145.00 Authorized
email
[email protected]
Your VISA card has been
authorized for $145.00.
You are now enrolled in …
Thank you
6. Department contacts individual (via email, phone, etc.)
with status of credit card transaction.
SurePay
Server
Web Manager
John Doe
$145.00 Authorized
Monies moved into account
=
7. Department then uses the Credit Card Authorizer’s web
management system to record business activity to later
compare with bank’s account statements.
PILOT

Areas using the credit card gateway or
interested in using it
–
–
–
–
–
–
–
–
Continuing Education
International Health
Casenex
Development site
Cavalier Advantage Card
Parking and Transportation
Transcripts
Box Office type transactions
ISSUES TO CONSIDER
Understand the fee structure of the
acquiring financial institution and
negotiate
 Work with your finance area on
procedures for setting up merchant
IDs and institutional procedures
 Audit approval
 Understand address verification and
how and where you will/will not use
this

ISSUES TO CONSIDER
Fraud prevention capabilities don’t
make a lot of sense for long term
services
 Work with the finance area on the
web interface for transactions and
settling
 Tomcat – not in the standard build
for web servers
 Learning curve for departments –
setting up their site and processing

ISSUES TO CONSIDER

Asynchronous confirmation for
customers on the results of the
charge
– Big sites do this
– Accepting/rejecting the transactions
dealt with differently by departments