To authorize Louisiana state agencies
to maximize acceptance of electronic payments including credit/debit
card payments.
Program Administration
Louisiana government business includes all departments,
agencies, boards, commissions, and authorities governed, legally
controlled and financially accountable to the state's executive,
legislative, and judicial branches. Although state agencies
offer diverse services, the Office of Electronic Services intends
to use a statewide enterprise approach, entitled the Louisiana
Payment Gateway (LPGW), to implement acceptance of electronic
payments in coordination with the Louisiana Department of the Treasury.
1. Acceptance of Debit and Credit Cards
All state governmental entities may accept credit/debit
cards where acceptance is determined to be economically feasible and
is approved in concurrence with the Office of State Treasurer. All State
agencies that wish to accept credit or debit cards or electronic
fund transfers must follow the procedures and regulations established
by the Office of Electronic Services and Louisiana Department
of the Treasury. This includes participation in the Louisiana.Gov
Payment Gateway unless prior permission to establish a separate
but like program is granted to the agency in writing by the
Louisiana Department of Treasury. Those agencies/institutions
with current payment processing contracts should consider migrating
to the statewide Louisiana Payment Gateway for efficiency, more
statewide standardized processing, and cost effectiveness as those
contracts are completed. Participation in the Louisiana Payment
Gateway will require signing an Agency Participation Agreement.
2. Effect on Account Receivable and Cash Management
The acceptance of credit/debit cards by a state
governmental agency for payment of goods, services, and fees
should have a minimal negative impact on current account receivable
and cash management processing or policy. The processing of
a payment by credit/debit card should be no slower than the processing
of a payment by check for the actual deposit of funds to a state
account. Agencies should receive the account summary report
in electronic form. All state agencies accepting electronic
payment through the Louisiana Payment Gateway should have reliable
access to an electronic medium such as e-mail or the Internet.
The Louisiana Payment Gateway will electronically provide data
that is required by the participating state governmental agencies
for account summary reporting, including the date and time stamp.
All monies received should be deposited with the Louisiana Department
of the Treasury or as otherwise specified by state law.
The head of any department of the State of Louisiana
that collects revenue for the State is required to deposit
all funds belonging to the State of Louisiana on a daily basis
according to applicable State laws, rules, and regulations.
3. Approval Authorization for Acceptance
All credit/debit card transactions must have real
time approval authorization from the Louisiana Payment Gateway
prior to acceptance for any payment and fulfillment of a sale.
Each participating state governmental agency is responsible
for developing and documenting procedures to handle credit/debit
card exceptions. Included within those procedures should be
handling of a no-match situation when using an address verification
service (other than that provided by the Louisiana Payment Gateway),
chargebacks, unauthorized card use, and requests for an alternate
form of payment when a card is not authorized. The agencies' procedures
should complement the statewide business environment and support
statewide policy.
4. Receiver Authentication and Authorization
for EFT Transactions
All state governmental agencies that support Electronic
Funds Transfer (EFT) should provide for authentication and authorization
of the Receiver (i.e. Citizen or Business) to originate debit
or credit entries against the Receiver's account. The subsequent
authorization will constitute an agreement with the Originator,
(i.e. State Agency) under which the Receiver has agreed to be
bound by the National Automated Clearing House Association (NACHA)
rules and regulations governing the specified electronic transaction.
Each Agency is responsible for developing, documenting, and
implementing procedures to obtain written or signed authorization
of the Receiver. This includes signed or written authorizations
provided electronically in accordance with the Electronic Signatures
in Global and National Commerce Act (15 U.S.C. § 7001 et
seq.), which defines electronic records and signatures. Agency
procedures should address retention of authorization and revocation
of authorization. The Louisiana.gov Payment Gateway shall provide
commercially reasonable procedures to verify that routing numbers
are valid prior to initiating ACH debit/credit transactions. The participating
Agency procedures shall complement the statewide business environment
and support statewide policy.
5. Billing and Payment of Electronic Processing
Fees and the Use of Appropriated Funds
Each state governmental entity is responsible
for obtaining the funds necessary for supporting the cost of
accepting and processing electronic payments and payment of
their electronic processing fees in accordance with the Agency
Participation Agreement as approved by the Office of Electronic
Services and the Louisiana Department of the Treasury. Processing
fees shall be recorded to a statewide expenditure account.
6. Credit/Debit Card Payment Confirmation
All Louisiana.gov Payment Gateway credit/debit
card transactions shall provide for order confirmation and payment
at the time of order and sale. Privacy of electronic transactions
must be maintained. System generated messages must contain the
order number. Only the card type (MasterCard, Visa, Discover,
or American Express) and the last four (4) digits of the credit/debit
card are allowed. The account number of the cardholder is prohibited.
7. Customer Billing Disputes
National card associations or other similar organizations
for proprietary cards establish the rules governing disputes.
All disputes for card transactions shall be processed in accordance
with the rules specified by the applicable card organization.
Each state agency and its customer will resolve
transaction disputes, with the assistance of the Office of Electronic
Services. The Louisiana Payment Gateway shall process the appropriate
correcting transactions subsequent to the resolution of the
dispute.
All correcting financial transactions resulting
from disputes shall be supported by fully detailed information
in all reporting activity.
8. Security, Privacy and Nondisclosure of Information
A sound system of business and computerized controls
must be implemented to ensure that operations are conducted
efficiently, effectively, and in accordance with Louisiana's
financial controls as well as the applicable Louisiana laws,
rules, and regulations.
Confidentiality
It is the policy of the State of Louisiana to
protect individual privacy to the extent permitted by law. Louisiana
statewide contracts stipulate that agencies must not release
individual account numbers. State governmental agencies may,
however, generate public reports utilizing aggregated data such
as trends in usage or other statistics.
Business and System Controls
The public and business communities expect secure
financial transactions in all electronic transactions with state
government. Accordingly, each participating agency/institution
shall exercise management oversight and controls to ensure the
confidentiality and integrity of financial transactions within
their scope of electronic payment processing activities. Computer
security measures, including physical security, logical application
controls, and transmission security, must be implemented to satisfy
the integrity and confidentiality objectives as well as to eliminate
or reduce the general risks associated with computerized systems.
All staff involved in the transaction of electronic business
must be aware of the security requirements.
Requirements: Entities under the Program
Administration section of these guidelines that wish to participate
in the Louisiana Payment Gateway must comply with the enrollment
requirements before their Agency Participation Agreement is
approved by the Office of Electronic Services (and Louisiana
Department of the Treasury, if applicable). Requirements related
to confidentiality and security include:
- It is the responsibility of each agency to develop internal
procedures for the handling of client-specific confidential
information such as account number information. Such procedures
will be submitted to the Office of Electronic Services prior
to implementation.
- As stipulated in the statewide credit and debit card contracts,
agencies must comply with the following requirements:
  - Unless compelled by law, an agency shall not use, disclose,
    or disseminate cardholder account number information except
    for the purposes of processing the associated financial
    transaction.
  - The agency must use proper controls for and limit access
    to all records containing cardholder account numbers and
    card imprints.
  - All records containing card account number information
    must be made unreadable prior to discarding.
  - The agency shall not retain the cardholder account number
    information on the magnetic stripe on the card after a
    transaction has been authorized.
- Web application sessions that process cardholder account
information must be implemented using the DES encryption method
with a minimum 40-bit key strength. Higher levels of encryption
(e.g., 56-bit or 128-bit) may be adopted in the future, as
browser support for these methods becomes generally available
to the State's constituents.
- Agency e-commerce applications that process electronic payments
must perform a security risk assessment to identify security
risk factors on the application and the actions required to
mitigate those risks.
Enforcement: Non-compliance with this guideline
and its requirements is subject to Office of Electronic Services
and agency management review and action that conforms to state
disciplinary policies and any and all relevant legal actions.
9. Transaction Fees
Transaction fees may be charged to cover the cost
of permitting a person to complete a transaction through the
Louisiana Payment Gateway. The fee applied shall be in accordance
with those approved by the Louisiana Department of the Treasury.
The transaction fee will be recorded to a statewide revenue
account. The transaction fee will be recorded separately from
the transaction revenue.
All state entities imposing a transaction fee
must comply with Louisiana law and the rules and regulations
of the Louisiana Department of the Treasury.