Merchant Information Questionnaire
Merchant Number: Merchant Name:
Contact Name: Phone: E-mail:
Please answer the following questions with regard to credit card processing. The answers provided will help with evaluating the Self-
Assessment Questionnaire. If a department has more than one merchant account, a separate questionnaire should be completed for each.
This form is also available online at http://lsu.edu/administration/ofa/oas/bur/asforms/asforms.php
.
1. For what goods and/or services is this merchant accepting payment by credit card? Example: Tuition and fees.
2. How are the transactions processed? Please include information such as: What system(s) is utilized including hardware and software,
payment gateways, or websites; Are purchases scanned into a point-of-sale system or are they keyed in; Does the merchant or customer
swipe the credit card or is the card information keyed in; Does the system require a login; Do you enter a CVV # for card present
transactions?
Example: Credit card transactions are swiped using the FD130 desktop terminal; CVV # is not entered; no login is required
3. Are credit card payments processed by telephone? If so, please describe a typical scenario.
4. Is credit card information written down? If so, what is the storage and disposal policy?
5. Is credit card information stored? If so, please describe the purpose, length, and location of storage.
6. Is there a system in place to maintain control of access to credit card information? If so, describe the controls. Example: Employee
access is removed upon termination and John Smith is the administrator.
7. Are default passwords changed after they are given out?
8. Are passwords changed regularly? If so, how often?
9. Are passwords written down?