NOTICE: The Finance Policies and Procedures Manual, along with the previous manual, is undergoing changes. These sites are continually updated to reflect changes in business processes. If you cannot find the information you are seeking in these policies, email for more information.
Policies and Procedures

Procedure 308.9 – The University’s Payment Gateway

July 1, 2006
Last Updated
July 18, 2011
Responsible University Officer
Executive Director and Information Security Officer
Information Technology Services
University Controller
Responsible Unit
Accounting Services

Procedure Statement

University of North Carolina at Chapel Hill is using TouchNet’s Hosting Service. TouchNet will run, manage and maintain our licensed TouchNet software in their DataCenter. The TouchNet DataCenter meets the stringent requirements of PCI DSS. This service means that NO credit card data interacts with the University’s systems, therefore greatly reducing the risk of a security breach.

TouchNet is the University's payment gateway and is required to be used for all internet credit card transactions. To apply for an exception, please refer to Procedure 308.1 - Establishing a New Merchant Card Account.

Forms and Instructions

A user will access the merchant’s University web application and will be transferred to TouchNet’s Marketplace uPay site when it comes time to pay for a service. Each merchant will have a defined site, called uPay, where the credit card information will be entered. Then the TouchNet Payment Gateway will process the payment from our customers, sending the payment data to our credit card processor. The Payment Gateway stores the payment transaction information in a database, in encrypted data files.

The TouchNet Payment Gateway sends all required data to our processor for both the authorization and settlement. Settlement occurs every evening starting at 10:00 PM. The Payment Gateway will run an automatic, daily batch settlement at the specified time that we defined in the merchant set up.

In the Payment Gateway Operations Center, you can review payment data in searchable reports. At login, every Operation Center user sees only the Merchant accounts, tasks and reports for his/her access rights. A user’s role may include rights to view reports, configure the Payment Gateway, set up Operation Center users, set up merchant and host accounts, process credit or complete single authorizations.

User Roles Responsibilities:
Accountant Review credit card merchant reports based on assigned merchant access
Cashier Can process credits and single authorizations

The uPay features of Marketplace allow you to configure online payment pages that you can connect to existing campus web applications. You can customize your uPay site for handling specific transactions. uPay focuses only on the payment pages. Your product pages are created in your campus application external to uPay. The web application then calls the uPay site when it is time for a payment to be accepted. uPay can pass information back to the campus web application regarding the status of the transaction. The ITS Business Analyst from Enterprise Applications will work with each Merchant to develop the uPay site(s). You will have the option of performing a full refund or a partial refund through your uPay site.

For any technical questions or to establish your uPay site and user access, after your merchant account or a change to your merchant account has been approved, contact Enterprise Applications through

Related Data



July 18, 2011