If your business takes takes credit card payments, the requirement to be PCI Compliant applies to you.
There is a great deal of confusion around what is required to become PCI compliant however the list of requirements is actually quite straight forward. Many businesses we speak with are confident that they meet all of the requirements required, in reality this is rarely the case. Often PCI compliance is seen as an IT thing, which is only partly true as PCI compliance applies to many aspects of business process, including physical aspects such as writing down credit card numbers on guest registration cards or the recording of telephone calls to your reservations team as they take card payments over the phone. PCI applies at all touch points and guest interactions regarding the processing of payment transactions, via ecommerce and webooking engines, or card holder not present transaction such as deposit payments or no shows.
The penalties for being the source of credit card fraud can be very costly indeed, with a potential 90 day window to bring everything up to speed or forfeit your merchant status removing your ability to take credit card payments.
The Twelve Commandments of PCI Compliance
Tokenisation and integrated payment solutions.
Tokenisation is technology that can significantly reduce your business risks around the storage of card holder data and therefore scope of PCI.
Tokenisation technology means that as you gather the payment from a customer, the card data never sits on your systems it gets sent of to your payment processor who store the information on your behalf, sending you a secure transaction code that references the transaction but does not contain any client card data or personal information itself. You still have the ability to charge the card on file as the transaction reference allows the payment processor to call up the payment card details that they store and make the charge to the card.
A payment gateway can also provide other benefits of having an integrated payment solution, such as easier reconciliation of credit card payments and the ability to close cheques within your POS system as soon as the payment had been completed are just some of the advantages of implementing an integrated payment system.
We work with a number of the leading payment processors and can assist with the implementation of a tokenised payment solution and payment gateway.