Text Size Default Text SizeDefault Text Size Large Text SizeLarge Text Size Largest Text SizeLargest Text Size Print Print this Page

PCI Information


The ability to conduct credit card transactions has become a necessity for increased customer service, particularly with the increase in e-commerce. Longwood recognizes that use of credit cards may stimulate sales in certain types of transactions and may increase the cash collections efficiency. The need to protect our customer's credit cards data is essential. This website provides University departments with essential information regarding the requirements and best practices for payment card related activities.

What is PCI DSS?

 PCI DSS stands for Payment Card Industry Data Security Standards. PCI Data Security Standards are national standards from the Payment Card Security Standards Council and apply to all organizations anywhere in the country that process, transmit or store credit cardholder data. The University and all departments that process payment card data have a contractual obligation to adhere to the PCI Data Security Standard (PCI-DSS). We must adhere to these standards to protect our customers and to continue to process payments using payment cards. Each year, departments that are conducting payment card activities must submit a self assessment questionnaire assuring their compliance with PCI DSS.

 PCI Security Standards Council

The PCI Security Standards Council was founded by the major credit card industries (American Express, Discover Card, JCB, MasterCard, and Visa) to manage the continued development, communication, clarification, and implementation of the PCI standards. The PCI SSC website is the best resource for questions related to the standards.

Navigating PCI DSS: Understanding the Intent of the Requirements

 This document describes the 12 Payment Card Industry Data Security Standard (PCI DSS) requirements, along with guidance to explain the intent of each requirement. It is intended to provide a clearer understanding of the Payment Card Industry Data Security Standard, and the specific meaning and intention behind the detailed requirements to secure system components (servers, network, applications etc) that support cardholder data environments.

 University Resources: