Keeping Credit Card Information Secure

IEEE provides a set of best practices for keeping your cardholder data secure. IEEE recommends that you review and share these guidelines with all your volunteers.

Payment Card Industry (PCI) compliance

IEEE follows Payment Card Industry (PCI) Data Security Standards. These standards were created by the major credit card companies to protect cardholder information and to prevent credit card fraud. Even if your software is PCI compliant, credit card data can be compromised if you neglect to keep it secure when entering or storing it outside the software system.

Any registration or payment software that you use that holds credit card data must be PCI compliant. Conference volunteers must follow PCI compliance regulations when processing credit.

  • Conferences are not allowed to hire non-compliant third parties to electronically collect or store credit card information.
  • Volunteers can only access the last four digits of credit card numbers in the registration software.
  • Conferences should contact their registration company if they have any issues or questions about credit card activity. The registration company will have the detailed information to assist you with reconciling daily batched transactions posted to the conference's merchant account and the registration system.

Handling credit card information

Any credit card information that you receive must be handled with care. Follow these guidelines:
 

Method Description
Telephone
  • Enter the credit card information immediately into the registration application.
  • Do not write the credit card information on any other documents or papers.
Facsimile
  • Place the fax machine in a secure location.
  • Enter the credit card information immediately into the registration application.
  • Lock all printed forms with credit card information in a secure location.
E-mail IEEE strongly discourages sending credit card information via email. Sending by fax is the preferred method.

  • If you received information by email, enter the credit card information immediately into the registration application.
  • Do not print out the email.
  • If you need to reply to the email, remove the credit card information from the email before sending.
Mail
  • Enter the credit card information immediately into the registration application.
  • Lock all printed forms with credit card information in a secure location.
On site: online
  • Swipe the credit card in the credit card machine.
  • Return the credit card to the registrant immediately.
  • Do not write the credit card information on any other documents or papers.
On site: paper
  • Keep registration forms with you at all times in a secure location.
  • When traveling, keep registration forms in your laptop carry-on bag.
  • Do not put registration forms in checked baggage.
  • If mailing registration forms, use an express carrier such as UPS or FedEx and not regular mail.
  • If transmitting registration forms electronically, scan, and email in a password-protected document and email the password in a separate document. Immediately shred the forms.
Refunds
  • Do not issue check refunds for payments originally made by credit card.
  • Only issue refunds to the credit card the original charge was made on, not to a different card.

 

Credit Card Verification Codes (CVC)

The credit card verification code (CVC) is used by merchants for transactions that occur over the Internet, by mail, by fax, or over the phone.

The CVC is the 3-digit code found on the back of a Visa, MasterCard or Discover credit card or the 4-digit code found on the front of an American Express credit card. CVC is a security feature for credit card transactions that increases protection against fraud. CVC can also be referred to as CVC1, CVV1, CVV2, CVC2, CSC, or CCID.

Required Task for Conference OrganizersThe CVC should only be used for verification. Never store the CVC in an online database or paper record, as this makes credit card fraud possible.

Who do you talk to at IEEE?

IEEE is ready to help. If you have questions about keeping credit card information secure, please contact us at merchantaccount@ieee.org.  

Do you have other questions about organizing a conference? Please see IEEE Conference Organizer Contacts.

Do you have feedback on the information on this page?

  • Is there missing or incorrect information?
  • Do you have a tip to share?

Please send your feedback to IEEE Conferences. Events & Experiences (CEE).