about the north carolina office of the state controller

Common Payment Services Overview

 

What is the Common Payments Service (CPS)?

CPS is a gateway service provided by the OSC through the Office of Information Technology Services (ITS), available to a participant of one or both of the two Master Services Agreements (MSAs) that OSC offers to support the statewide "EFT/ACH processing services" and "Merchant Card processing services."

When does a participant need the services of CPS?
Participants requiring the services of CPS are those:
  • Having an internet application requiring a gateway to the processor (EFT and/or Merchant Card vendor).
  • Desiring a virtual terminal for capturing card not-present transactions, such as Mail Orders and Telephone Orders (MOTO).
  • Not having the ability to transmit ACH files directly to the originating bank (ODFI).

When does a participant not need the services of CPS?
  • In the case of ACH, the participant may have the capability of transmitting the ACH file directly to the bank, either through a direct transmission, via a VAN, or through Wachovia’s WebAchieve.
  • In the case of Merchant Cards, a gateway is not needed if Point of Sale (POS) terminal is the only capture method being used.
  • Participants desiring to use a third-party gateway service instead of CPS may only use one that has been pre-approved by OSC.

What are the primary functions provided by CPS for merchant card processing?
  • Processing real time authorizations
  • Processing the batch files for settlement at the end of each day

What are the primary functions provided by CPS for ACH processing?
  • Warehousing of transactions received prior to settlement date
  • Transmitting ACH files to the EFT bank on a timely basis
  • Both ACH credit (outbound) and ACH debit (inbound) transactions can be processed

What reports are provided by CPS relating to merchant card processing?
  • Authorized Merchant Card Transaction Report
  • Settled Merchant Card Transaction Report

What reports are provided by CPS relating to EFT processing?
  • Settled ACH Files Report
  • Settled ACH Transactions Report

What types of interfaces does CPS’s Application Program Interface (API) accommodate?
  • Java-based applications
  • DCOM-based applications (Distributed Component Object Model)

Does CPS use any middleware to communicate with the Merchant Card Processor?
  • CPS currently uses Cybersource middleware, version 6.2. The middleware was formerly known as Paylinx.
  • ITS assumes the responsibility for keeping the middleware operational and up to date.

What type of connection does CPS have with the Merchant Card Processor?
  • Primary - Frame Relay
  • Primary Backup - Frame Relay
  • Secondary Backup - ISDN

What is the CPS Virtual Credit Card Terminal (VCCT)?
  • VCCT is a web-based application available to participants that accommodates card not-present transactions, such as Telephone Orders and Mail Orders (MOTO)
  • It is a thin client, Java based application
  • Once enrolled, User Procedures are provided by ITS
  • Password maintenance is performed by ITS

What are the fees charged by CPS?
  • Fees are set annually by the Enterprise Solution Services of ITS
  • There are no setup fees, only monthly transaction fees
  • Fees are included on the participant’s monthly ITS invoice.
  • The current fee for Merchant Card processing is $.35 per transaction (effective April 2008)
  • The fee for ACH processing is based on the monthly transaction volume. The “per item” fee ranges from $.0258 - $.08.

Does CPS create ACH files for a participant?
There are two methods ACH transactions can be received by CPS. One is through the CPS's Application Program Interface (API) on a "transaction by transaction" basis. The other method is the "batch" method, in which case the agency creates its own ACH file, using the standard ACH format, and transmits the file to CPS. Based on the date contained in the various files received, CPS then builds batches from all transactions submitted (API transactions and agency-batch transactions) and transmits one consolidated file to the ODFI.

When must ACH files be submitted to the CPS?
  • An ACH formatted file must be submitted to CPS prior to 8:00 p.m. one banking day prior to the effective settlement date.
  • The date on the file will determine the date that CPS transmits the file to the ODFI, not the date that the payment (credit or debit) will be effective (settles).
  • The effective date (settlement date for funds posting to the payee/payor’s bank account) will always be one banking day after the date on the file.

When must Merchant Card batch files be submitted to CPC?
Merchant card transactions should be submitted to CPS prior to 10:00 p.m. on the same day as authorized, in order to:
  • Receive next-day funding (if settling to a Wachovia Bank account)
  • Receive the best interchange rate

What are the primary forms associated with enrolling in CPS?
  • CPS Project Implementation Plan
  • Security Risk Assessment (SRA)
  • CPS Setup Form
  • ITS Bill Code Action Form

Do new merchant card participants have to be certified as PCI Security compliant?
Yes. All new participants must be certified as compliant with the Payment Card Industry (PCI) security standards. All participants must remain compliant.
 

As a service provider, is the CPS considered to be PCI Security compliant?
Yes, CPS is enrolled with AmbironTrustWave (ATW), which certified CPS as being compliant initially as of January 4, 2006.
 

Do participants utilizing a VCCT provided by CPS have to enroll the associated merchant number with ATW?
No. Virtual Credit Card Terminals (VCCTs) provided by CPS are Web applications covered under the scanning being done by ATW for CPS. Therefore, any associated merchant number is not required to be enrolled with ATW by the participant. However, PCI certification requirements for the participant are those that pertain to a stand-alone POS terminal.
 

Who should be contacted for technical questions pertaining to CPS?
The staff at Enterprise Solution Services, telephone 919-431-1595.
 

What other information regarding CPS should be consulted?
The power point presentation entitled “CPS-101” found on the SECP site should be viewed.