Resources

Merchant Services (MS) is the program that manages, supports, and mitigates risk for payments collected digitally and via credit and debit card at Stanford. 

At each merchant's discretion, a POS owner/department should develop a schedule and routine for device inspection that looks for tampering or substitution periodically.

The Office of the Treasury (OOT) centrally manages Stanford University’s relationship with its acquiring bank to facilitate processing services that meet department needs and adhere to industry and institutional data security standards. This list is constantly being updated. 

Stanford third-party vendors must use a separate network for internet service not connected to Stanford.

Complete this form before your initial meeting with the merchant services operations team. 

Use this checklist to make sure you have enough information to proceed with the new third-party service provider evaluation. 

Refer to the Purchase Order Terms and Conditions Article 18 and 19. Terms in any acceptance by a Seller which are in addition to, or not identical with the following terms will not become a part of any Stanford University Purchase Contract unless Stanford specifically and expressly agrees in writing that such other terms are accepted.

Follow the instructions to change the PCI account created by the PCI Compliance Infrastructure team. 

The SREDKey (secure reading and exchange of data) is an encrypted keypad that ensures all data transactions are protected through secure point to point encryption (P2PE) reducing fraud and data compromise risk.

External websites to help you understand PCI Compliance.