Electronic Commerce – Third Party Solutions
A third party solution may only be considered if the Merchant has already reviewed the
Use of an alternative method may be approved on a case-by-case exception by the Bank Card Committee.
The following is required by the Bank Card Committee to consider an alternative:
- Provide and present to the Western eCommerce Team documentation about the proposed
ecommerce application, site architecture and security;
- Complete the Technology Risk Assessment Tool before seeking approval for and implementing any third party system;
- Providers of payment applications must provide an Attestation of Compliance (AOC) certificate to the Merchant which then must be forwarded to the Bank Card Committee.
Once approved, the Merchant must:
- Report any changes in their payment applications and/or bank card processes that would affect Western's PCI environment to the Bank Card Committee;
- Understand and abide by the policies and procedures;
- Remain compliant with the most current version of the PCI DSS, Merchant Agreement and Card Brand Rules and Regulations.