If you currently use a Stanford desk Voice over Internet Protocol (VoIP ) phone to collect or confirm credit/debit card information and process the payment or refund through any of the following payment methods, the desk phone must be encrypted per PCI DSS Compliance Policy #29.1.
- A Point-of-Sale (POS) credit card terminal
- A PCI workstation and a payment gateway virtual terminal (e.g. CyberSource VT)
- A PCI Point-to-Point Encryption (P2PE) key pad
Once the desk phone is encrypted, an after-business hours process will "reboot" the equipment in order to activate it. Please follow the below instructions to request VoIP encryption. Due to the volume of requests, please allow 4 - 6 weeks lead time to complete the encryption after your initial request. Please submit your request by 9/30 so that the VoIP encryption can be completed by the annual PCI DSS compliance deadline that will take place in the October ~ November timeframe.
Please follow the instructions below for submitting a ticket to request VoIP Encryption.
- Please use this link to create a ticket for ITS Voice Communication Services: stanford.service-now.com/it_services?id=sc_cat_item&sys_id=b90954d41365660019813598d144b0e7.
- Please start with this note in your ticket: "Please assign this ticket to the product management group for ITS Voice Communication Services."
- Fill out the following:
- List of telephone numbers for encryption and the name associated with each phone number.
- Building name, address and location of phones.
- Submit ticket.