local_library Resource

Preventing Fraud on Purchasing Cards and Travel Cards

Review these tips to keep your Stanford University-issued Purchasing Card (PCard) or Travel Card (TCard) safe.

Safeguard the card

  • When the card is not in use, keep it in a locked unit.
  • Only use the card on secure websites and do not save the card number as a default payment method.
  • Do not lend or share an individual Purchasing Card (PCard) or any Travel Card (TCard).
  • Limit the use of department PCards to one or two designated employees who have completed training in PCard Policy and Procedure.
  • Do not write down a PCard or TCard number, or share information about a card via email, text or other means. For department cards, ask the cardholder custodian to place orders as needed.

The department’s PCard custodian is responsible for ensuring controls are in place, securing physical access to the card and logging card usage.

Submit and Approve Transactions on Time

  • Submit and approve transactions within 60 days to help identify and reduce fraud. The department is ultimately liable for any fraudulent and erroneous charges not resolved directly with the merchant.

Provide Departmental Oversight

Respond to Changes in Staff Status

  • If a cardholder/custodian leaves the university, cancel the university-issued card immediately.  
  • If a cardholder/custodian has transferred departments, cancel the current card and apply for a new card with the new department.
  • If a cardholder/custodian is on extended university leave, such as sabbatical, family or medical leave, submit a Change Request to have the card temporarily suspended until the cardholder/custodian returns. If there are questions or issues, please notify the Card Services Team via a support request.

All card transactions should be properly expensed/cleared before the employee’s status changes.


  • Use separate email accounts for work and personal use.
  • Use a unique password for each account.
  • Use strong passwords and update them every two months.
  • Protect your tech devices by using updated anti-virus software, operating systems and web browsers.
  • Limit internet usage at work to core business-related sites.
  • Avoid using unsecured public networks.
  • Never click on a document or link that comes from an unknown source.
  • Never share personal information about your job or travel plans via social media.
  • Never disclose confidential information (such as credit card account number, CVV code, login or passwords) in a format that can be shared via email, text, messaging service or written document.
Last Updated: Aug 2, 2023
Back to Top