e-Commerce 4.0 for the IT Professional IT Thomas Mantooth/Datatel Stu Story/Datatel Andy Kleehammer/Datatel

Agenda What is e-Commerce 4.0? What is the Payment Gateway? Colleague Core Web Service Payment Gateway Requirements Colleague Core Web Service Requirements Deployment and Installation Configuration

The Regulatory Evolution Visa CISP PCI - DSS PABPPA-DSS

The Regulatory Evolution Datatel has been monitoring the evolution of credit card data security standards and evaluated two options with respect to addressing the current PA-DSS data security standards – Option 1: Make the necessary modifications to the Colleague e-Commerce solution and obtain and maintain the necessary certifications – Option 2: Make the necessary modifications to the Colleague e-Commerce solution such that, by definition, Colleague is no longer a payment application This decision will allow us to focus on enhancements to e- Commerce functionality – freeing us from the “regulatory chase” T HE DECISION WAS TO MAKE THE MODIFICATIONS SUCH THAT C OLLEAGUE E -C OMMERCE IS NO LONGER A PAYMENT APPLICATION T HE DECISION WAS TO MAKE THE MODIFICATIONS SUCH THAT C OLLEAGUE E -C OMMERCE IS NO LONGER A PAYMENT APPLICATION

What is e-Commerce 4.0? With e-Commerce 4.0 Datatel is launching the new “hosted model” e-Commerce solution –Colleague will no longer support the entry, transmission, or storage of sensitive credit card information –The entry, transmission, and authorization of credit card transactions will now be completed in a secure partner environment –Any encrypted credit card numbers and CVV2 data currently stored within Colleague will be removed as part of the post installation processes Colleague uses the new Payment Gateway to redirect the user the payment provider’s website This new methodology will be deployed for all Datatel interfaces in all places where credit card payments are accepted – including Datatel Recruiter e-Check processing in Colleague is not impacted

What is the Payment Gateway? A central component of e-Commerce 4.0 that makes moving to hosted credit card entry possible Serves 3 purposes: 1) Directs a user and payment data to a payment provider’s (PayPal or OPC) website 2) Records payment transactions in Colleague or Datatel Recruiter 3) Directs the user back to Colleague or Datatel Recruiter

What is the Payment Gateway? (cont.).NET web application installed on an external facing Windows server One instance of the Payment Gateway can support one Colleague and one Datatel Recruiter environment simultaneously Makes use of the Colleague Core Web Service

Colleague Core Web Service A.NET web application used to authenticate against a specific Colleague environment The Payment Gateway uses this service to acquire a connection to a Colleague environment during the credit card authorization process This component is used by more applications than just the Payment Gateway

Payment Gateway Hardware Requirements External Windows Server P4 w/ 2.1 GHZ processor minimum 5 GB of free disk space 1 GB of available memory If you have Datatel Recruiter, Datatel recommends you install the Payment Gateway on the same server as the Recruiter Admissions Application Datatel does not recommend installing the Payment Gateway on the same server as WebAdvisor or the Datatel Portal

Payment Gateway Software Requirements Windows Server 2003, 2008, or 2008 R2 IIS 6.0, 7.0, or 7.5.NET Framework 3.5 SP1 ASP.NET 2.0.x

Colleague Core Web Service Requirements Same hardware & software requirements as the Payment Gateway except installed on an internal server Separate from the Payment Gateway server in order to centralize it for use by multiple Datatel services Datatel recommends installing this on the same server as UI 4.x

Certificates Certificates required to secure communications between servers Provider’s server to Payment Gateway Certificate Authority’s root certificate for the certificate that the Payment Gateway uses must already be installed with all Datatel supported web browsers Datatel recommends using a wildcard certificate for multiple Payment Gateways on the same server Payment Gateway to Colleague Core Web Service Payment Gateway to DMI secure port Payment Gateway to Datatel Recruiter e- Commerce web service

Recommended Deployment

Installation InstallShields used for both Payment Gateway and Core Web Service Option to install on new or existing IIS website

Payment Gateway Configuration Tool Configuration tool also installed on external server to setup Payment Gateway Tool is a snap-in to Microsoft Management Console (MMC) MMC is utility available on Windows servers that lets you manage many aspects of your server

Payment Gateway Configuration Tool (cont)

e-Commerce 4.0 Software Updates SU – DMI –Can be installed with e-Commerce 3.7 –SU – Critical SU for SOAP/Java 1.5 SU – UT –Can be installed anytime after WA Remaining updates must be installed together –SU – CORE –SU – AR/CR –SU – CA

CORE Setup Changes New e-Commerce data –New files –New fields Setup changes for… –e-Commerce Provider –Payment Method Setup Changes –e-Commerce Provider Account Mapping Post-install subroutine New WebAdvisor forms

New parameters Logical file: EC.PMT.GATEWAY.PARAM Stored in CORE.PARMS Maintained on ECPG form –URL to Payment Gateway start page Detail to HKLM (Hyperlink Maintenance) –UI Payment Timeout Value –WebAdvisor Payment Timeout Value

New e-Commerce file: EC.PAY.TRANS Contains all data for 1-time credit card payments and authorizations –Data for other transactions in ECT.LOG Initial data created by Colleague payment process: CREN, WMPT, GFE, WMAG, etc. Data processed by Payment Gateway –Data passed to e-Commerce provider –Updated data from e-Commerce provider Contains data for WebAdvisor payments

New e-Commerce fields Provider Account setup fields (ECPA) –Username –Account-specific information Name/value pairs –Username and value fields are encrypted Country setup (CTRY) –ISO Code field –Defaults to country code

e-Commerce Provider Setup (ECPA) Username field –Optional –Needed for PayPal best practice Will become future PayPal requirement Name/value pairs –Required for some OPC transactions –Used to activate DMI extension logging

Payment Method/Mapping Changes Payment method changes –Web-enabled payment methods must also be enabled for e-Commerce –Disallows use of non-ecommerce credit cards through Colleague Mapping changes – new transaction types –RCCSETUP – Recurring credit card setup –RCCSALE – Recurring credit card payment New transaction types for Advancement only

Additional setup OPC clients –Change URL on ECPR –Provide return URLs to Payment Gateway PayPal clients –Payflow Link configuration on PayPal Manager –Critical options Return URLs to Payment Gateway Required/editable fields

Automated post-install routine – CORE Updates list of encrypted data elements –ALL Core e-commerce data elements –Not just those added with e-Commerce 4.0 Updates payment methods for non-EC credit cards –Changes web-enabled flag to “No” Sets default timeout values for ECPG –120 seconds for both UI and WA

WebAdvisor changes Payments by e-check –No changes Payments by credit card –Will route to PAYPROCA Special processing for URL and arguments –Goes to provider’s site –Returns to PAYPROCB Only for successful transactions Add to Do Only These security classes

WA Credit Card Payments Workflow

AR/CR Changes – e-Commerce 4.0 Automated post-install subroutine –Updates AR/CR encrypted data elements Adds RCPT.ENCRYPTED.EXPIRE.DATES Removes RCPT.ENCRYPTED.CONTROL.NOS –Clears all values stored in RCPT.ENCRYPTED.CONTROL.NOS Process all non-EC credit card refunds first –Changes “Payment Verify Implemented” flag on FIWP to “No”

UI form changes (CREN, CRAF) Pay Method window changes –Amount to Pay after Pay Method –New Card Reader field –Convenience Fee displayed Credit Card payments –Control number, Expiration date, & Confirmation numbers populated

WA Payment Acknowledgements All payment workflows now… Display all data required by VISA Show payment method used on provider’s web site, if available Send acknowledgement –Looks like web form –Custom entries included on –Uses same CSS as acknowledgement form

WA Payment Acknowledgements Pay on My Account/Payment Plan –Includes acknowledgement paragraph (FIWP) Use “N” option on DPAR to remove line breaks –Shows detail for AR payments Can be multiple terms from WMPT Instant Enrollment –Displays same class info as before –Clients can customize message using UTER

acknowledgement example

Configuration – Colleague Advancement Post-Install subroutine deletes credit card data in CA.PAYMENT records –CAPAY.ENCRYPTED.CONTROL.NO –CAPAY.CCV2 All existing automatic credit card payments will need to be re-authorized Re-enable Make a Gift and Make a Pledge Payment, as necessary on MCWP

Make a Contribution Web Param (MCWP)

Managed Deployment Due to the complexity and crucial nature of e-Commerce 4.0, Datatel adopted a managed deployment program –Access to the software is by retrieval code only –Key steps must be completed and validated by Datatel in order to obtain the retrieval code Program cessation date is March 22nd at which point e-Commerce 4.0 software updates will be available through the normal mechanisms –Safeguards will be gone! Please! Read and understand the documentation well BEFORE you start the process!! A WELL THOUGHT - OUT IMPLEMENTATION PLAN – WITH TIMELINE – IS REQUIRED !

e-Commerce 4.1 Available Q –Subject to availability by providers Support for credit card readers –Not available in e-Commerce 4.0 –OPC clients using card readers must purchase new encrypted card readers –Existing readers work with PayPal All known issues from 4.0 resolved

e-Commerce 4.X Resources Documentation for Migrating e-Commerce Clients –Installation Procedures: Payment Gateway –Installation Procedures: e-Commerce 4.0 –Installation Procedures: e-Commerce coming soon –Release Highlights: e-Commerce 4.0 to coming soon Documentation for newly implementing e- Commerce Clients –Installation Procedures: Payment Gateway –e-Commerce Installation & Administration

e-Commerce 4.X Resources e-Commerce e-Learning Portal – Single-source for accessing on-demand, self-paced training and other resources. Recorded sessions Installation worksheets and implementation tools and checklists Reference a library of end user job-aids Installation Services including the installation and configuration of the Envision software updates, the Colleague Core Web Service and the Payment Gateway – Technical planning call: discussion of the technical planning call to confirm requirements for hardware and software updates and to ensure readiness for installation. – Installation and configuration of the Core Web Services and the Payment Gateway in the Test environment; and turnover to clients for testing – Installation and configuration of production environment Client Communities and the e-Commerce 4.X Forum Sign-up for “Office Hours” with Datatel staff through the webdemo room – Mondays and Wednesdays, 4-5pm eastern through March 30th

Next Steps Decide – Will the institution “go live” on e-Commerce 4.0 or e- Commerce 4.1? Take advantage of the guidance provided by the Managed Deployment; available through March 22 nd Take advantage of Office Hours; available through March 30 th Decide – Will you require installation support from Datatel? Decide – Will you want to take advantage of the e-Commerce 4.X learning Portal? If you are not using Colleague e-Commerce but would like to know more about how it – contact your Client Business Relations team.

e-Commerce 4.0 Betas T HANKS TO OUR B ETAS  Amarillo College  Anne Arundel Community College  Chaffey College  College of Western Idaho  Dallas County Community College District  Metropolitan Community College  North Island College  Union University W E ARE LOOKING FOR BETAS FOR E -C OMMERCE 3.7 TO 4.1!!

Questions ?

IT 28167