paiement digital : deux touristes qui paient la note de leur hôtel par carte bancaire
  • Unclassified
  • 2 minutes

Credit card tokenisation: what usecase in tourism?

The CentralPay electronic payment solution offers tokenization of bankcards and payment data in a PCI DSS environment. A major challenge for the tourism industry and hotel distribution centers in particular.

The tokenization of bankcards, a challenge for the tourism industry

CentralPay by offering its bank card tokenization service to all tourism players provides decisive support in their compliance efforts vis-à-vis sensitive data security and RGPD compliance.

The tourism industry’s responsibility for safety

While there are still those who prefer to search for the hotel of their dreams by hand, many consumers are opting for a broader vision of the hotel offer, relying on the services of central reservation systems.

To orchestrate everything, these platforms rely on distribution software solutions, whose main purpose is to manage all hotel schedules and put the parties in contact with each other, i.e. the consumer and the tourism professional. The cornerstone of the system, the customer’s bank details, guarantee the establishment of a relationship of trust.

In other words, by receiving sensitive data for the purpose of connecting parties, distribution platforms place themselves under the aegis of banking compliance. Tasked with doing everything in their power to protect the confidential banking information they receive, they have to design an IT architecture that complies with the PCI DSS standard.

Emancipate yourself from the PCI DSS environment with the CentralPay tokenization service

A PCI DSS information system is mandatory for all players who capture, transport, store (or process) bankcard data. Implementing it is a complex, time-consuming and often costly process, involving virtually all areas, from procedures, equipment and technologies to business processes. In short, a matter for specialists.

Ideally, therefore, you don’t need to capture or store banking data. The solution lies in tokenizing sensitive data, replacing it with a unique, tamper-proof token.

Since the latest 3.2 PCI DSS standard, CentralPay offers access to its secure infrastructure via its tokenization service. By having only the token – a random sequence of numbers – distribution centers can de facto secure the booking circuit, and provide their customers and partners with the guarantee of a reliable process, in compliance with the standards set by the payment card industry.

CentralPay thus offers service bricks that can be adapted to the degree of outsourcing of the PCI-DSS perimeter. They support a number of the standard’s bridges, ranging from infrastructure management, encryption and log management, to hosting the customer’s application.