Hotel PCI compliance

Why hotels should care about PCI compliance

Accommodation providers need to ensure that they are safeguarding themselves against the threat of data fraud. The hospitality sector has been a target for fraudulent behavior and security issues, and even big hotel chains have experienced credit card security problems. Hotel chains Hilton, Starwood, and Hyatt have all reported credit card security issues. With many travelers relying on credit cards as a payment method, accommodation providers need to be more vigilant about data security. An information security breach can have a serious impact on your reputation, no matter what your size.

What is PCI compliance?

The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements to protect cardholder account information. It applies to companies of any size that accept credit card payments. PCI DSS is a consistent and uniform set of standards among the five major credit card brands (Visa, Mastercard, American Express, Discover, and JCB) and provides a good basis for data security surrounding the storage of credit cards.

PCI compliance means a company has taken steps to protect cardholder data through the guidelines provided by the PCI council.

To store, process and transmit cardholder data, you need to host that data securely with a PCI compliant hosting provider.

Why is PCI compliance so important?

PCI compliance is a good start to protect against a hack or information security breach. PCI compliance is important so guests can book with confidence, knowing that their credit card data is stored securely. PCI compliance also helps with banks, as they are more likely to issue merchant facilities to your property if you are PCI compliant.

Avoiding a breach of your guests’ data should be a top priority for accommodation owners as having a security breach can undermine a customer’s trust and have damaging impacts on your brand and reputation. A breach can also have financial repercussions such as fines, fees, chargebacks, and investigation costs.

Being PCI DSS compliant demonstrates that you have taken steps to ensure your guests’ payment information is protected and is securely stored.

What can you do to keep customer data secure?

Every hotel that stores transmits or processes credit card data must be compliant with PCI DSS.

Conduct regular staff training

Anyone in your hotel dealing with credit card information should be aware of the risks of data fraud. Educate your staff on how to securely handle credit card data, and the importance of securing the information. Make it clear that it’s unsafe to write down or email credit card numbers and associated sensitive information.

Review hotel processes

Data security is constantly changing, and you need to review your processes to make sure sensitive information is being thoroughly protected, and carefully stored. Restricting access to sensitive information and logging and tracking access points to sensitive information can help in reducing the risk of a security breach.

Use a payment gateway

Payment gateways are an easy way for you to securely store credit card details to a guest’s booking. Most accommodations that need to store credit card data will use a third party credit card vault and tokenisation provider (Braintree, Stripe, Payment Express). By using a vault, the card data is removed from your possession and you are given back a “token” that can be used for billing. By using a payment gateway integration, you move the risk of storing card data to someone who specialises in doing that, and that has all of the security controls in place to keep the card data safe.

PCI compliance and Preno

At Preno, we know how important it is to store data securely and be PCI compliant. Preno uses payment gateway integrations to offer our customers a secure way to store their guests credit cards. The payment gateways use a tokenisation system to securely store guest credit card information, from pre-stay through to check out.

Complexity is the absolute enemy of security and productivity for any accommodation provider. The simpler you can make your software and security solutions, the easier it will be to manage and secure your data.

With Preno’s,  simple hotel property management software we believe in helping accommodation providers, providing exceptional guest experiences that’s more enjoyable using simple software solutions. To find out more about Preno, get in touch with us here

About the author

Amanda is Preno’s content strategist, with added skills in copywriting and digital marketing. Working across Marketing & Sales, she enjoys writing content that covers trends, tips, and resources that help empower hoteliers.