All University employees handling payment cards or related data are required to complete annual PCI Data Security training as part of the University’s overall compliance program. Pitt IT provides the training shown below. After logging into the training portal, select the PCI Learning Path from the content library.

• Pitt IT-Sponsored Security Awareness Training

To demonstrate the University’s ongoing commitment to compliance with PCI DSS and other related payment card standards and to highlight existing policies and guidance relevant to this topic, the following policy and guidance documents were issued. The E-Business Resource Group (EBRG) serves as a resource to the University community that provides guidance on PCI DSS related matters.

• University of Pittsburgh Policy 05-11-02 Payment Card Handling and Acceptance
• University of Pittsburgh E-Business Resource Group Guidelines  
• Payment Card Industry Data Security Standards

This section provides an overview of the transaction flow for credit card payments and information for existing Pitt Merchants that includes resources for online statements, information on requesting and returning equipment, terminal user guides, and reconcilement responsibilities, as well as details on chargebacks, inquiries, and monthly reconciliations.

• Guidelines for Transacting Credit Card Payments
• PNC Merchant Services MyClientLine Login
• PNC Merchant Services Terminal Guides 
• PNC Merchant Services Contact Information
• Request Access to PNC Merchant Services
• Request, Return, or Get Help with Terminals

University of Pittsburgh Merchants must follow the Payment Card Industry Data Security Standards (PCI DSS) to manage risk and protect our business and client information.

• PCI Glossary of Terms
• PCI Security Standards
• Ten Common Myths of PCI DSS