TTUHSC Information Technology
HomeInformation TechnologyInformation ServicesPAWS

eCommerce Service Request

The following is a summary of what is required to utilize eCommerce services at TTUHSC.  Please refer to TTUHSC OP 50.37, Credit Cards Accepted for Services for a complete list of responsibilities and requirements related to accepting credit cards for services at TTUHSC.

Requesting eCommerce Service:

An eCommerce Service Request must be submitted for all eCommerce applications.  These requests must be approved by the requesting Department Head, Vice President for Information Technology & CIO (or Assistant Vice President for Information Services), Accounting Services, Institutional Compliance (if applicable) and Institutional Security Officer (if applicable) prior to implementation.  All eCommerce applications must utilize the Texas Tech University System eCommerce Payment Gateway unless otherwise approved and all web pages that access the TTU System Payment Gateway must be hosted on web servers located in the central Data Center.

If the e-Commerce request requires a new merchant ID, complete the Merchant ID Information Form (see TTUHSC OP 50.37, Attachment A). A separate form for each new merchant ID request is required. Once the Merchant ID form(s) are completed, submit them to the Credit Card Accountant in the Accounting Services department.

The development of all e-Commerce web applications will follow the applicable guidelines outlined in HSC OP 56.01, Use of Information Technology Resources including but not limited to sections 1.4.20 and 9.5.  The requesting department may develop the web application to the point of integrating it with the Texas Tech University System e-Commerce Payment Gateway. However, only Information Technology personnel may perform the work of integrating the application with the TTUS e-Commerce Payment Gateway.

The eCommerce Service request must be completed and approved prior to any merchant ID setup or any web application integration with the TTUS eCommerce Payment Gateway.

eCommerce Service Request Form

Requesting an eCommerce Service Exception (Request to Use PCI DSS Compliant Third Party Vendor for Processing eCommerce Transactions):

As mentioned above, all eCommerce applications must utilize the TTU System eCommerce Payment Gateway unless otherwise approved.  In some cases, consideration may be given to the use of a PCI-DSS compliant third party solution for processing eCommerce transactions, which are not processed through the payment card processor covered under the system wide credit card agreement.  To request this exception, an eCommerce Service Exception Request must be completed and approved by the requesting Department Head, Vice President for Information Technology & CIO (or Assistant Vice President for Information Services), Accounting Services, Institutional Compliance (if applicable) and Institutional Security Officer (if applicable). 

Proof of PCI-DSS compliance from the vendor or other credible source should be submitted with the request. 

Because these items are not processed through the payment card processor covered under the system wide credit card agreement, the requesting department will be responsible for obtaining the Merchant ID from the external party.

eCommerce Service Exception Request Form (Use PCI DSS Compliant Third Party Vendor for Processing eCommerce Transactions)

©