Merchant Account Setup
To accept payment cards from customers, departments at The Ohio State University need to set up a merchant account through the Treasurer's Office. This process can take up to 15 business days. Please complete this online form. You may need information from your fiscal and/or IT resources to complete the form.
You need separate merchant accounts for physical (in-person or mail/telephone order) and online sales. You will need to fill out the form separately for each method.
If you need to order additional credit card terminals, you do not need to fill out this form. Please see our page on ordering supplies.
Please contact firstname.lastname@example.org with any other questions.
Accepting Payment Cards
There are two pre-approved methods for accepting payment cards:
- Credit card terminals purchased through the Treasurer's office may be used to process in-person transactions or take orders via mail or telephone
- Pre-approved online payment processors offer standalone or integrated options for accepting payments online
Other methods must be reviewed and approved by Ohio State's PCI Committee and/or external PCI compliance auditor. Departments that want to use a point-of-sale software system or other process must contact Ohio State Merchant Services for assistance.
The payment card industry established a group (the PCI Council) to standardize requirements for handling payment card data and processing payment card transactions. Merchants, including university departments, are required to comply with these standards. For more information, please refer to the university's Payment Card Compliance Policy or contact Ohio State Merchant Services.
Two Steps of a Transaction
- Authorizing the charge – when a merchant accepts a customer’s payment card, swiping the card is a request to our processor to determine if the card can be charged.
- Settlement or “Batching out” – at the end of the business day, a merchant will settle the authorized transactions. This process is called batching out. The transactions are sent in a batch to the processor who will request customers’ charges be sent to our OSU bank account.
Auto Journal Posting
The Treasurer’s Office will establish an automatic journal process for payment card deposits and fees. For each merchant account, departments can specify a revenue chartfield (worktag in Workday) for deposits and an expense chartfield (worktag) for fees.
Departments must reconcile their accounts no less than monthly, although we recommend more frequent reconciliation for deposits. Merchant transactions must be reconciled to Ohio State’s bank account using the General Ledger and your merchant statements. Monthly statements are provided by email.
Online Payment Card Processing
Contact Ohio State Merchant Services to discuss pre-approved options for online payment processing.
- Nelnet eStore is a traditional online shopping experience. Users can browse products with listing images, add them to a shopping cart and check out. An eStore can also be used for basic event registrations. eStores offer the most flexibility in customizing the look and branding experience.
- Nelnet Commerce Manager has two functions. As a payment gateway, an existing application or website can redirect to Commerce Manager to securely process credit card transactions. Commerce Manager can also be set up as a standalone site to sell simple individual items (e.g. a ticket to a fundraising dinner) or to collect customer information (order number, invoice number, etc.) and accept payment in an amount entered by the customer. Commerce Manager will also be able to accept ACH payments beginning July 1, 2020.
- Cvent is an event management platform. They provide advanced reporting and additional services specifically for conferences or events (badge printing, on-site registration, etc.). They can create a website for your event and accept registration payments through the website.
- Cybersource is an existing online payment gateway. All business units currently using Cybersource will be transitioned to a Nelnet solution. No new Cybersource accounts should be created at this time.
If technical limitations prevent you from using a pre-approved option, then the service provider, the product selected, and the implementation must meet the following requirements:
- PCI compliant – The service provider must be certified as a Level 1 service provider under PCI-DSS. You can search a list of service providers here.
- Contract addendum– The service provider must sign a contract addendum accepting responsibility for our customers’ payment card data per PCI regulation 12.8.2.
- Restrict local data – The service provider must accept payments using an iframe or redirect, not an API. This limits the PCI data security requirements that university merchants must meet as no cardholder data is handled by university personnel and no cardholder data is on the Ohio State network.
With any online service, customers must enter their own payment information. Ohio State personnel must not have access to cardholder data and must not enter it on behalf of the customer.
Policy and Requirements document
Payment card fees
There are fees for processing payment cards. Fees are charged by the card brands, by our payment card processor, and by online payment gateways.
- Fees charged by the card brands: Visa, MasterCard, American Express and Discover charge fees based on the type of card presented and the type of transaction (e.g. in person or online). Generally, the rate will be lower for debit card transactions and basic consumer credit card transactions. The rate will be higher for rewards cards such as Corporate and Signature Preferred cards as these reward points are paid by the merchant.
- Transaction processing fees: Our processor charges a transaction fee to authorize and settle payment card transactions with our bank. In addition, the processor provides statement and transaction detail information.
- Online Processing: Cybersource charges an initial setup fee along with a fee per transaction. There is a minimum monthly fee of $10.00. Nelnet charges a fee per transaction with no minimum monthly fee.
Because fees are variable, we recommend using 2.5% of credit card sales for budget purposes.
BuckID merchant accounts are managed by the BuckID office. Please visit buckid.osu.edu for more information.
Equipment and accessories
- FD150 (connects via dial-up or Ethernet): $350 one-time purchase
- RP10 PIN pad (optional): enables customers to complete transactions on the FD150 without handing over their card and enables debit PIN transactions; $199 one-time purchase
- v400m (connects via AT&T 4G cellular): $869 one-time purchase plus $15/month cellular charges
To order terminals, the Merchant Manager must email the following information to email@example.com:
- Merchant name and number (12-digit number)
- Model number and quantity of terminals to order
- Shipping address for the terminals
Policy and Requirements
Terminal Inspection Form
The Ohio State Information Security Control Requirements (ISCR) require devices with S4 (Restricted) institutional data to be destroyed or shredded by an approved vendor. Please contact one of the vendors listed below to properly destroy your old payment card terminal.
Royal Document Destruction - 614-751-9731
Shred It - 614-231-7470