Credit card details are now securely stored on a PCI-compliant server through an external partner to enhance security. This article explains how to create and use your PCI account to view guest credit card details safely.
Index:
- First-time login: Creating your PCI Account
- Looking up credit card details
1. First-time Login: Creating Your PCI Account
To access full credit card information, you will need to log in to a separate PCI-compliant environment. For security reasons, this environment has different login credentials from the Hoteliers.com dashboard.
How to Create Your PCI Account:
- Activation Email: The first time you receive a reservation with a link to the PCI-compliant environment, you will automatically receive a separate activation email to set up your PCI Account.
- Username: Your username will be automatically generated and will include the word 'hotel' followed by your hotel ID. For example, if your hotel ID is 2270, your username will be hotel2270. The username is provided in the activation email.
- Password: You can set your password via the activation email. If needed, you can click 'Reset password' on the login screen to create a new one.
Note:
If you are unable to reset your password or need help creating your PCI Account, please contact Support for assistance.
2. Looking up Credit Card Details
When you receive a booking confirmation via email or view booking details through the Hoteliers.com dashboard, a link to the PCI environment will be included. You can log in using your PCI credentials to access the full credit card details.
How to View Credit Card Details via the Dashboard:
- Log in to dashboard.hoteliers.com.
- Go to Bookings > Direct Bookings.
- Select the relevant booking.
- Click the link to the PCI compliant environment to view the credit card details.
Important Note:
Since 28-08-2017, booking confirmations no longer include the CVC code. For PCI compliance and security, we are not allowed to request or store the CVC code. If you need a CVC code for your credit card terminal, contact your credit card terminal provider to disable CVC verification for manual charges like no-shows or cancellations.
Security Enhancements in Hoteliers.com Booking Engine
We have improved the security of credit card processing in Hoteliers.com booking engines. Guest credit card details are now stored in an external PCI-compliant environment certified at PCI-DSS level 1, ensuring the highest protection standards for sensitive data.
Existing Security Measures:
- No storage of card details: Previously, credit card details were sent directly to hotels without being stored on our servers to ensure security.
- Encrypted connection: All credit card information has always been secured with an encrypted HTTPS connection. Guests can see the security certificate in their browser's address bar.
What Has Changed:
- Manual card detail retrieval: You now need to log in to the PCI environment to view credit card details. Booking confirmations contain a link to the PCI environment.
- No change for PMS or Channel Managers: Hotels using a connected PMS or channel manager will continue receiving full credit card details as before.
- No change for guests: Guests will not notice any difference. The credit card form remains the same in the booking engine.
Which Reservations Are Affected?
These security changes apply to all reservations made via the Marketing Platform or the Booking Engine integrated into the hotel website.
Questions?
If you have any questions about viewing credit card details or setting up your PCI account, please contact our support team by emailing support@smarthotel.nl. For further details on credit card handling, refer to the article Viewing Credit Card Details.