Page 1 of 2
Booking.com Payments
Posted: Tue Feb 07, 2017 2:06 pm
by ishola21
Hi All,
I am hoping someone can help, I have recently started advertising our property with booking.com. When it comes to payments by credit cards, I notice the guest doesn't have to put the CV numbers but I cant process the payment through stripe without it. How does everyone process the payment from guests?
Thanks in advance.
Posted: Tue Feb 07, 2017 2:31 pm
by sylvainbg
Hi
You need to call booking.com so the CVC will be compulsory for guests
Posted: Tue Feb 07, 2017 6:07 pm
by Hells Bells
You can also message them if you don't have any luck phoning, although they are usually good at annswering the phone. I asked them to activate it a couple of weeks ago, and got my one and only successful booking a few days later. The rest have all booked then not paid when I've requested either CC or bank transfer/
Posted: Sat Feb 11, 2017 12:09 am
by ianthy
sylvainbg wrote:Hi
You need to call booking.com so the CVC will be compulsory for guests
Thanks for the advice. This has been driving me absolutely mad. Guests 'book' and leave their card details but I can't process it and the guest then ignore the constant emails, texts and calls demanding cash. I simply tire of it and cancel the booking.
I will contact Booking.com and ask that the booking details include the cvc
Posted: Sat Feb 11, 2017 8:00 am
by newtimber
ianthy wrote:
I will contact Booking.com and ask that the booking details include the cvc
If you accept cards, then you need to be PCI compliant. Storing CVC codes does not comply with PCI DSS.
Posted: Sat Feb 11, 2017 8:44 am
by Hells Bells
you can only view it once to process the payment then it disappears from the system.
Posted: Sat Feb 11, 2017 3:07 pm
by newtimber
Hells Bells wrote:you can only view it once to process the payment then it disappears from the system.
I didn't think under PCI DSS, you're allowed to store it at all. After all, there may be a long delay between the details being stored and your processing of the payment. Which reminds me, my merchant card provider has just asked me to confirm that I have a program to monitor service providers PCI DSS compliance status at least annually. Is Booking.com PCI DSS compliant (not that I use booking.com)?
Posted: Sat Feb 11, 2017 3:43 pm
by sylvainbg
My channel manager that I am using is sending the card details to stripe vault.
Posted: Sat Feb 11, 2017 8:01 pm
by CSE
newtimber wrote:Hells Bells wrote:you can only view it once to process the payment then it disappears from the system.
I didn't think under PCI DSS, you're allowed to store it at all. After all, there may be a long delay between the details being stored and your processing of the payment. Which reminds me, my merchant card provider has just asked me to confirm that I have a program to monitor service providers PCI DSS compliance status at least annually. Is Booking.com PCI DSS compliant (not that I use booking.com)?
The CC details are stored for more than one viewing.
The question about compliance should be asked of Booking.
To be honest do you really think that every single business world wide is compliant? Recent history is dotted with websites which have been hacked and CC details taken.
Posted: Sat Feb 11, 2017 8:30 pm
by Hells Bells
The CC details are but the CVC code disappears.
Posted: Sat Feb 11, 2017 9:35 pm
by CSE
we do not need the cvc number to take money on our card machine. So details are still shown up to 3 viewings.
Posted: Sat Feb 11, 2017 10:25 pm
by newtimber
casasantoestevo wrote:
To be honest do you really think that every single business world wide is compliant? Recent history is dotted with websites which have been hacked and CC details taken.
There are considerable Card Scheme fines associated with non-compliance following a data compromise. Many non-compliant merchants have ceased trading because the fines could not be accommodated.
Posted: Sun Feb 12, 2017 10:27 pm
by greenbarn
newtimber wrote: Is Booking.com PCI DSS compliant (not that I use booking.com)?
I've wondered about this.
Does a guest who uses BC understand (and accept?) that their card details are not processed by BC, who might be expected to be a secure organisation, but are passed to a third party who may be a reputable organisation, or an individual of dubious background who has just been given all the information he or she needs to drain the CC dry? What checks are in place?
Posted: Sun Feb 12, 2017 11:10 pm
by Ecosse
greenbarn wrote:newtimber wrote: Is Booking.com PCI DSS compliant (not that I use booking.com)?
I've wondered about this.
Does a guest who uses BC understand (and accept?) that their card details are not processed by BC, who might be expected to be a secure organisation, but are passed to a third party who may be a reputable organisation, or an individual of dubious background who has just been given all the information he or she needs to drain the CC dry? What checks are in place?
It's not foolproof - there'll be bad hoteliers amongst the sea of good ones - but at least, unlike the homeaway group, BC check every single property on their website exists before it goes live. If a property owner then starts clearing credit cards, they're very traceable, which has to be a deterrent.
Posted: Mon Feb 13, 2017 8:45 am
by CSE
All of those unscrupulous hotels cannot download details of the CC from Booking.
As stated before details can only be view a max of three times.