Use eGov Contract VA-120413-BPI
Using eGov Contract VA-120413-BPI, all public entities throughout the Commonwealth of Virginia and the United States may negotiate, administer and contract with AISN to develop, install and maintain web-based systems for payment processing and related services.
AISN has been serving the Commonwealth of Virginia since 2012 and is a trusted PCI-DSS Level 3.2 service provider.
What is AISN GovPal©?
GovPal© is a full lifecycle transaction management solution hosted in the cloud in our PCI-DSS compliant data centers. The solution not only includes gateway and merchant services but also extensive financial reporting and funds disbursement. Learn more about AISN’s independently audited PCI DSS 3.2 environment.
Convert your manual process to a secure online transaction that integrates with your systems. Citizens get more consumer choice, and you’re enabled to invest more in the community with the taxpayer money that you save.
AISN provides multiple layers of physical and technical security, high availability and broad options for encryption, access control, vulnerability scanning, network security scanning, and more.
How Does AISN’s GovPal© Work?
Consumers navigate to websites maintained by state agencies for the purpose of purchasing goods and/or services.
Consumers choose goods/services to be purchased from the agency and a “shopping cart” is created.
Consumers wishing to pay with PayPal or a credit card click a link and are redirected to a govpal.net/va url.
The redirect creates an encrypted SSL connection to the govpal.net servers hosted with AISN.
PCI Compliance: None required at this stage.
Agency Tech Notes: This process matches that which is currently used by the Commonwealth and will require minimal changes to agency websites.
GovPal© Portal Servers
AISN hosts the GovPal© WFE server containing the payment portions of the user experience. These pages have been “skinned” in the same style as the Commonwealth’s virginia.gov website to maintain a consistent user experience. Consumers provide their Personally Identifiable Information (PII) and credit card payment information. No PII or payment data is stored. Information is transmitted via an encrypted SSL connection to the payment processor of your choice.
PCI Compliance: The AISN network infrastructure and portal servers transmit PII through the network and therefore are PCI compliant with Self-Assessment Questionnaire C. Compliance measures include SSL Certificate Encryption, quarterly network scans by an approved scan vendor, server security monitoring and an annual self-assessment.
The payment processor, Elavon, receives the PII and payment information from the GovPal© servers. The payment is processed and a Response Reason Code is generated indicating whether the transaction has been approved or denied. The Response Reason Code is transmitted back to the GovPal© servers and passed back to the agency. The consumer is presented with a transaction summary page. Payment processor databases retain relevant transaction data so that the vendor can see historical data pertaining to their sales.
PCI Compliance: Payment processors maintain an environment that is PCI Compliant with Self-Assessment Questionnaire D. Compliance measures include quarterly network scans by an approved scan vendor, security monitoring, encryption of PII within the database and an annual audit.
Digital Government Uses
- Taxes (Motor Vehicles, Business Services, Libraries, Permitting, Tourism)
- Professional Licensing
- Schools & Sports
- Outdoor Licensing
- Construction Registries
- Vendor Payments
Benefits of Digitizing Transactions
- More secure
- Available to consumers 24×7
- Fewer late fees
- Automated (Time Savings, Increased Productivity, Improved Citizen Experience, Better Customer Service, Business-Friendly Environment)