The University at Buffalo is committed to compliance with the Payment Card Industry Data Security Standards (PCI DSS) to protect payment card data regardless of where that data is processed or stored.
Departments must select the appropriate PCI compliant device to process payment card transactions in accordance with university policy and the payment card industry standards.
PCI Compliant Device | Description |
|---|---|
UB ePay | • Electronic payment system • Online, off-campus use • Requires university-approved graduate application fees |
Bluefin Card Swipe Devices | • USB secure card-reading SREDKey device • Preferred on-campus, card-present solution • Requires university-approved grad app fees |
UB Cellular Hand-Held Terminals | • Portable, card-present solution |
PCI Compliant Device | Description |
|---|---|
UBF SREDKey Swipe Devices | • USB secure card-reading SREDKey device • Preferred on-campus, card-present solution • Requires university approved rates |
UBF Manual Entry by UBF Business Office | • Record payment information (card number, expiration date, CVV code) on paper • Call UBF Business Office for secure processing • Immediately destroy payment information |
PCI Compliant Device | Description |
|---|---|
UB / Dedicated (Wired) Terminals | • Not preferred due to significant PCI Compliance handling procedures • Inventoried by Financial Management and UBF |
UB Marketplace | • All funds electronic payment system • Requires university-approved rates • Shopping cart experience • Basic inventory capabilities • Online, off-campus use |
| Revenue Type | Contact | Email or Phone |
|---|---|---|
| State IFR Revenue | Financial Management | PCI_COMPLIANCE@buffalo.edu |
| UBF Revenue | UB Foundation | 716-645-3013 |
