Resources

The University recognizes that the ability to accept credit card payments is necessary for modern e-commerce.

When a check is scanned or taken to a bank, the Ad Hoc Bank Transaction (AHBT) will come to the Cost Center Deposit Specialist's inbox the next day after 1pm.  

When there is a deposit to one of the University’s bank accounts, an Ad Hoc Bank Transaction (AHBT) is created in Workday.  This Ad Hoc Bank Transaction will be sent to the Cost Center Deposit Specialist’s My Tasks (or Workday Inbox).  The AHBT comes in with worktags in the Ad Hoc Bank Transactions lines auto-populated/defaulted).  Workday gets the information that auto-populates from the Ad Hoc Bank Transaction Template.  This template is set up when the schoo

Most Ad Hoc Bank Transactions (AHBT) have one of three Purpose codes:

It is best practice to attach a copy of the checks that are included in the deposit to the Ad Hoc Bank Transaction (AHBT).

If you scanned a check using a remote deposit scanner (RDS), you can run a report, Deposit Details by Account Report, that has a log of the checks as well as the images, front and back, of the check in CashPro.  

It generally takes 2-4 business days for the credit card payments fully process and get to Bank of America.

If you do not see the transaction right away, you will likely see it in a few days.  If after 5 business days, you still are not seeing the Ad Hoc Bank Transactions, you can reach out to askfinance@virginia.edu.

See – How does the process work for revenue that comes in through the Merchant Account? FAQ for more information

Merchant Account transactions get batched together at the end of the day for each device, so you will not see the individual transactions or details on your Ad Hoc Bank Transaction.

Credit Card Transaction online

The process for getting revenue into the University starts with a point-of-sale system. When a transaction is started in a point-of-sale system, that system contacts a payment processor to verify the payment. The payment processor is Elavon. When the payment processor is contacted about a payment, they check with the credit card company to confirm the payment. The credit card companies respond with an “approve” or “deny” message, which is sent back to the point-of-sale system. This process only takes a few seconds.

University Foundations can use UVA Fund’s services to collect and process gifts and donations as the funds do not belong to the University, they are deposited into Foundation bank accounts. If the monies the event is collecting are University funds, deposited into University revenue projects, then UVA Fund cannot function as a processor for your event (see Policy FIN-016: Receiving and Depositing Cash and Other Monetary Instruments) as the funds are required to be deposited directly into University Bank Accounts.

The Payment Card Industry has addressed access to cardholder data through the Standards and identify what screening that potential employees must pass in order to gain access to cardholder data including reports. This standard is required for EMPLOYEES and recommended even if the employee is a cashier and exposed to one card at a time.

12.7 Screen potential personnel prior to hire to minimize the risk of attacks from internal sources. (Examples of background checks include previous employment history, criminal record, credit history, and reference checks.)

At Elavon, the credit is processed and submitted to the bank along with the settlement.
Per Visa and MasterCard Regulations, the Bank has up to 30 days to apply a credit/refund to their cardholder’s account. This is not something that we can control.

Credit card purchases, unlike purchases made with cash or a check come with the right by the Cardholder to question any amount billed to their account. These rights of dispute are provided under the Fair Credit Billing Act. What this means for a merchant is that charges that you took in good faith may end up being reversed for a number of reasons.

State guidelines require that supporting documentation is maintained for three years plus the current year (see University Records Management). The complete cardholder account number and security code need to be eliminated from any document as soon as there is no business need for the information (within 90 Days [PCI]). You may retain a maximum of the first six and the last four digits of the account number with the documentation for the record retention period, but never the Security code (CVV2).

PCI stands for Payment Card Industry. PCI Data Security Standards are national standards issued by the Payment Card Security Standards Council and apply to all entities involved in payment card processing – including merchants, processors, acquirers, issuers, and service providers. PCI also applies to all other entities that store, process or transmit cardholder data or may have an impact on the security of the cardholder data environment.

The University of Virginia recognizes that individual credit card information is confidential. Failure to maintain strict controls over this information could result in unauthorized use of a credit card numbers and create serious problems for the consumer, the unit, and the University. Credit card information is treated as carefully as other confidential information.

These services may include a registration form, manipulating the data into the reports, managing a conference, etc. If the vendor does not also collect credit card payment information or refer your customer to a third-party for payment card processing, then using these vendors do not bring your process under PCI compliance rules.