With UBC’s Digital Payment Program to replace ePayment launched, all ePayment onboarding requests will be redirected to DPP

Learn more

You are here:
Home > Web Service > Requirements

Web Service Implementation Requirements

There are various requirements that you and your website/shopping cart (Merchant Web Service) must meet in order to integrate with ePayment Web Service.

Please note: All new and in some cases, existing merchants may be asked to undergo the Privacy Impact Assessment (PIA). For more information, please review: https://epayment.it.ubc.ca/news/privacy-information-assessment-pia

 Privacy & Security:

  • Merchant Web Service must be able to generate unique transaction IDs that are retained across system restarts.
  • Merchant Web Service must be able to send and receive https messages, i.e Merchant Web Service must use a valid SSL. (Please not that self signed ssl certificates will not be able to connect to epayment system)
  • Merchant Web Service must be able to receive, process and reply to POST messages.
  • Merchant Web Service must allow ePayment to post messages to it, i.e. firewalls must be open to the ePayments servers.

 Technical:

  • You must provide a default item description for items to be purchased.
  • You must provide a default contact email for display to the customer in case of queries regarding a payment.
  • You must have your own website to redirect customer to the ePayment Web Service. (Don't have a website or shopping cart? UBC IT may be able to help!)
  • You must have an account with UBC Finance in order for ePayment to generate JV entries. Please see Accounting Information.

 PCI DSS:

  • You or your Developer provide the IP address(es) of your Merchant Web Service for vulnerability scans. If the IP address(s) change, ePayment Support must be informed.
  • You must be a UBC entity and the monies collected must be for a UBC related activity - you will need to provide a statement of business purpose. If it changes, you will need to inform ePayment Support.
  • If the server for your merchant system is located outside of Canada, the website must have a privacy clause statement checkbox prior to payment checkout. Example:

    5  I consent to the secure storage of my personal information outside of Canada (in the U.S.A) in accordance with the privacy policy of {ePayment Merchant} outlined at {http://insert the web address of {ePayment Merchant's} privacy policy}.

 

 

A place of mind, The University of British Columbia

UBC Information Technology
6356 Agriculture Road
Vancouver, BC V6T 1Z2,

Emergency Procedures | Accessibility | Contact UBC | © Copyright The University of British Columbia