How Secure Payments work in a PCI Compliant Environment
The Government of Alberta is PCI Compliant
Employees are not able to accept payments in the following ways:
- Accepting credit card numbers provided verbally over the phone,
- Accepting card numbers provided in an email,
- Accepting card numbers provided in a fax or mailed letter,
- Accepting card numbers provided in a voicemail,
- Accepting credit card payments manually without a proper point of sale (POS) terminal, or
- Keying a credit card number into a POS terminal for a Card Not Present (CNP) transaction.
In many cases, the order process will similar, except when it comes time to provide your credit card number.
Ministries continue to process orders received by mail, phone, fax or email, although some Ministries may no longer offer all of these options. During the checkout process, clients using any of these methods and paying by credit card are:
- referred to a secure automated telephone payment system
- referred to a secure pay page powered by TD Merchant Solutions, or
- sent an email containing a link to a pay page.
Where available, clients can also pay in person. Card payment options may vary from Ministry to Ministry.
See below for diagrams explaining how payments are processed for requests made by internet, email, telephone and fax orders. Making payments a PCI compliant environment is easier than you think. Click here for the "How Payments are Made" diagrams in pdf format.
Internet order - pay online:
Email or Telephone or Fax or Mail order - pay online:
Email or Telephone or Fax or Mail Order - pay by phone:
GPAS is a secure online payment system that provides a way for the client to pay online. GPAS can be used to process payments for transactions initiated by phone, fax, mail and email.
Example: You are ordering a book by email. The business unit processes the order on its GPAS system and emails you a payment request that includes a transaction number and a link to the TD Merchant Solutions pay page. You click on the link to open up the TD Merchant Solutions pay page and fill in the fields like you would in any other e-commerce pay page. After you complete your payment, GPAS emails the business unit payment notification for the service/product you ordered. GPAS then emails you a payment receipt, and you are done. The same process can be applied to fax, mail and phone orders.
See diagram (pdf).
Telepay is a secure payment system that provides a way for the client to pay by telephone. Telepay can be also be used to process payments for transactions initiated by fax, mail and email.
Example: You are requesting a permit. The employee on the other end of the line handles your request like before, until it is time for you to provide your credit card number. The employee will ask to either put you through to Telepay, or email you a payment request just like the book order example mentioned above. If you choose to pay by phone, the system puts you through to Telepay. You simply follow the prompts and key your credit card information right into your phone. In both cases, the system generates a transaction number that ties the payment to the transaction. The credit card information goes directly to TD Merchant Solutions.
See diagram (pdf).