Reservation Nexus
PCI Compliance

What is PCI Compliance?

The Payment Card Industry (PCI) data security standards are network security and business practice guidelines developed by Visa, MasterCard, American Express and Discover Card. They were developed to establish a 'minimum security standard' with regard to the protection of cardholders' account and transaction information. These standards help reduce, but do not eliminate, security compromises.

Who is required to meet the PCI security standard?

All entities that accept credit or debit card payments, or that collect, process or store credit card transaction information, regardless of their transaction volume, are required to meet the PCI standard by June 30, 2005. Failure to comply with the PCI security standard may result in substantial fines or permanent expulsion from card acceptance programs.

What does Reservation Nexus do for PCI compliance?

Reservation Nexus is PCI Compliant through self-assessment. Reservation Nexus is also presently working to be PCI Compliant through QSA (outside) assessment. This takes time.

Some of the things we do for PCI compliance:

  1. Successfully complete a PCI security self-assessment questionnaire. The self-assessment questionnaire asks specific questions about our internal security practices, both on our website and in our offices.
  2. Pass remote vulnerability scans conducted by a Visa and MasterCard "Qualified Independent Scan Vendor".
  3. Follow the PCI standards as they change. The standards are updated and improved all the time, and Reservation Nexus makes the necessary changes as needed.

As a business that accepts credit card charges, what should you do to be PCI Compliant?

For PCI Compliance to work, every business and entity in the process needs to be PCI Compliant. What should you do to be PCI Compliant?

  • Visit pcisecuritystandards.org to learn more about PCI Compliance.
  • Perform thorough background checks on each staff member that works with credit cards.
  • Limit how many credit cards you store on file through Reservation Nexus' advanced security measures.

What if my provider claims they are hacker safe? Are they PCI compliant?

Just because a site is scanned for hacker vulnerabilities, such as by McAfee Secure or SecurityMetrics, doesn't mean the site is PCI compliant. In fact, some vulnerabilities that these scans deem safe are not permitted under the stricter requirements of PCI compliance. Hacker scans are only one part of PCI compliance.

Why doesn't Reservation Nexus store the three-digit code found on the back of the card?

Here is the exact PCI Compliance question that we have to answer yes to in order to be PCI compliant:

  • Is it prohibited to store the card-validation code (three-digit value printed on the signature panel of a card) in the database, log files, or point-of-sale products? --> Yes

Storing the number contravenes Visa's operating regulations and can lead to fines and penalties.

Our Auto Pilot edition, which includes automatic credit card processing, immediately charges the card and then discards the three-digit number. The number is never stored. You will have to ask the customer for it each time you charge their card if your credit card provider requires it.