During the last few months CMS Hospitality has undertaken PCI DSS Certification as a service provider to provide our clients the assurance that we are investing in the security of the GuestCentrix PMS application.
To achieve compliance, a company must successfully demonstrate it has met stringent measures in enforcing the data security of the companies with which it conducts business.
We are very pleased to advise that GuestCentrix is fully PCI DSS compliant.
What is PCI DSS Compliance?
The PCI Compliance Guide define PCI DSS (Payment Card Industry Data Security Standard) as “a set of requirements designed to ensure that all companies that process, store or transmit credit card information maintain a secure environment.”
Why PCI DSS Compliance is important for your property?
Hotels and resorts rely on credit card payments from their guests and the fact is some hotels tend to keep card data in several places: central reservation systems, third party partners, PMS, emails and so on. Many properties store card information where the card data is at risk to theft and intrusions are possible.
Understanding PCI DSS Requirements for your property
On its website, the PCI council has highlighted a number of ‘quick steps to security’ for organisations based on the years of experience of security experts from around the world.
These steps apply to hotels as much as they do to many other industries:
- Buy and use only approved PIN entry devices at your points-of-sale.
- Buy and use only validated at your POS or website shopping cart.
- Do not store any sensitive cardholder data in computers or on paper.
- Use a firewall on your network and PCs.
- Make sure your wireless router is password-protected and uses encryption.
- Use strong passwords. Be sure to change default passwords on hardware and software – most are unsafe.
- Regularly check PIN entry devices and PCs to make sure no one has installed rogue software or “skimming” devices.
- Teach your employees about security and protecting cardholder data.
- Follow the PCI Data Security Standard.
GuestCentrix Payment Gateway Integrations
GuestCentrix is integrated with the following payment gateways so that properties can process payments in a fast, PCI compliant manner.
DPS / Payment Express – click here for the full range of countries supported
Shift4 for North American clients
- Remove COMPLETELY human error involved with credit card transactions. No need to correct incorrect amounts. If a payment is in the GuestCentrix transaction list for a shift then it has been processed through the payment gateway.
- Streamline online bookings & payments. Booking engines are able to return a token which is stored against the booking and guest. This token can be used at check on or check out without the need to ask the guest for their card again.
- Express check outs for your guests as there is no need to obtain the guests credit card again.
- Increased security for your property and your guest as all cards will be stored with the Payment Gateway provider and not in the PMS.
- Improved confidence that your guests are able to pay their accounts. You have the ability to set all payment amounts and pre-authorization limits with the system automatically calculating credit card surcharges as required.