Merchant Services (MS) collaborates with Stanford departments to help them establish merchant accounts and securely process credit/debit card payments for their products and services. There are important factors merchants must consider when beginning to accept credit/debit card payments through platforms like Stripe and others. These include establishing roles and responsibilities for the process, determining payment method and the associated fee structure and obtaining approval for third party service providers.

For more information on getting started with accepting credit/debit card payments, refer to Topic Overview: Merchant Account Life Cycle.

Stanford purchasing cards (PCards) are outside the scope of MS as they are a tool for individuals making purchases on behalf of the university and are managed by Payment Services. For more information, refer to PCards Overview or submit a Support Request for PCard Assistance

Prior to accepting credit cards, determine what’s being sold, the prices and options for accepting and processing payments. Determining how and where to accept payments is an important consideration. The Payment Card Industry – Data Security Standards (PCI DSS) sets very specific rules on how high-risk cardholder data is managed. Selecting the appropriate method helps merchants accept credit cards in a safe and compliant manner. Please use the guideline below to determine what processing method is appropriate.

Processing Method    Description
Point-of-Sale (POS) 
  • The customer presents the payment card in person (insert, swipe or use contactless payment such as digital wallet). Customers can use the Stanford acquiring bank provided or approved third party provided stand-alone credit card terminals.
  • Requires approval from MS, ET Compliance and Information Security Office if a new POS system, with its proprietary equipment, is considered.
  • Refer to Resource: Point-of-Sale Merchants for details.
E-Commerce
  • Customers directly input payment card data online.
  • Can use approved third party service providers (TPSP) which are payment gateway compatible with Stanford acquiring bank’s processor, Wells Fargo Merchant Services. Their preferred payment gateway is Cybersoure. 
  • Requires approval from MS, ET Compliance and potentially, the Information Security Office (ISO) if a new TPSP is considered or a webstore is built by IT Services (UIT) resources.
  • Refer to Resource: Ecommerce Merchants for details.
Conference and Event Registration (E-Commerce)
  • Customers directly registers for an event and  inputs payment card data online.
  • Can use Treasury managed Eventbrite or Certain event management software.
  • Department is required to set up a Certain subaccount or Eventbrite merchant account; responsible for building their own events and performing registration and financial reconciliation. 
  • Alternatively, departments can use the Stanford Ticket Office or Stanford Conference event management services.
  • Requires approval from MS, ET Compliance and potentially  ISO if a new event vendor is  considered.
  • Refer to Topic Overview: Event Registration for details.
Mail Order / Telephone Order (MOTO) 
  • Customer is not present at the time of purchase; the merchant manually inputs payment card data through a point of sale terminal or online software.
  • Requires an encrypted VoIP work phone.
  • Requires use of Stanford acquiring bank gateway services or approved third party standalone credit card terminals.  
  • An online “virtual” terminal via a payment gateway combined with a separate segregated internet network is also available.
  • Requires approval from Merchant Services and ET Compliance.

It’s important that merchants consider the associated fee structure when reviewing the available processing method options. 

Fee Type Description
Credit Card Processing (All Merchants) Processing fees are billed on a monthly basis. Credit card processing fees are typically 2.5% to 3% of credit card revenue and generally debited from your department’s  PTA on the 10th business day of the month following the month in which they were incurred.
Stanford Merchant Services Fee Billed monthly at 0.8% of the prior month's card revenue via an iJournal to your department's PTA with an expense type of 58502 (Stanford Merchant Services Fee). This fee is assessed by the university on all credit card revenue collected through any channel.
Terminal for Purchase

One-time purchase price for the following PCI-validated point-to-point encryption (P2PE) equipment provided by Wells Fargo:

  • Clover Flex at $424.15 + sales tax
  • Clover Mini at $565 + sales tax
  • Clover Station at $893.35 + sales tax

Monthly service fee:

  • Basic Plan at $4.95 per month per device
  • Register Lite Plan at $9.95 per month per device

Monthly cellular network fee: 

  • $15 pe month per device may be waived by Clover in some circumstances/

Note: Departments are solely responsible for obtaining the equipment pricing provided by other approved third party service providers.
Terminal for Rental

Rental fee ($49.99 per device) with one-time activation fee ($25), and monthly access fee ($15 per month) 

Rental fee will not be charged for the month, if terminals are ordered after and/or returned before the 20th of the same month. 

No fees are charged if departments borrow one of the three terminals available from Treasury’s loaner program, subject to availability.

 

Stanford merchants are required to maintain compliance with university policy and PCI DSS. This requires that the merchant assign the necessary roles in their organization to manage all compliance responsibilities. For more information on university policy and merchant responsibilities, refer to Resource: Merchant Responsibilities

The Office of the Treasury (OOT) centrally manages Stanford University’s relationship with its acquiring bank to facilitate processing services that meet department needs and adhere to industry and institutional data security standards. All Stanford entities that accept credit cards must use Stanford’s acquiring  bank and an approved vendor. Leveraging existing relationships and proven products allows departments to expedite new merchant account set ups and maintain compliance. 

The following approved vendors are centrally supported by MS and are acceptable for deployment on campus. Please contact MS for information prior to engaging the service. If there is a vendor not listed below that you feel is essential to your business, please contact MS for a consultation. Please note that all new vendors used for payment card processing must be approved per the guideline.

Approved Description
Wells Fargo Payment Gateway/CyberSource
  • All credit card data is entered on an order page that is hosted on CyberSource's secure server
  • After a payment transaction has been completed, the Secure Acceptance solution will return transaction identifiers back to the storefront website. 
  • Transaction details are viewable in Cybersource  business center. Refer to Resource: E-Commerce Merchants for more information.
POS Terminal Provided by Wells Fargo
  • Point-of-sale terminals are credit card swipe, dip or tap terminals. Terminals used on campus must be provided by Wells Fargo approved vendors.
  • Terminals require an analog phone line [a voice over internet protocol (VOIP) line is not acceptable for use in transmitting credit card data]. 
  • Wireless terminals, which use a secure, proprietary network provided by Wells Fargo, are also available.
Event Management
  • Certain Event Management is an online platform that allows departments to create webpages and sell tickets for events by accepting credit card payments online. For more information, refer to Resource: Certain Event Management.
  • Eventbrite is an online ticketing platform that enables faculty and staff to set up free and paid events. For more information, refer to Resource: Eventbrite Event Management.
Other
  • Please contact MS for other services that may fit department needs.

Questions?

arrow_upward
Back to Top