Payment Gateways and PCI Compliance
Information on managing credit card information in a PCI compliant manner when using RMS.
Security provisions surrounding the processing of information and handling of credit cards is mandated by all credit card brands and administered by the Payment Card Industry Security Standards Council.
Payment Card Industry Data Security Standard (PCI DSS) — also known as PCI Compliance — is a propriety information security standard for organisations working with major branded credit cards including Visa, MasterCard, American Express, and JCB.
Payment Gateways
A payment gateway is an eCommerce application provided by merchant services to authorise and process credit card payments in a PCI compliant manner.
Configuring a payment gateway account in RMS provides secure credit card storage, payment processing and refunds directly from any account in RMS with the added ability to accept online payments through the RMS Internet Booking Engine and Guest Portal.
When connected to a payment gateway, credit card information is encrypted, stored, and processed externally of the RMS database.
A Credit Card Token becomes available to use in RMS to manage payments and refunds to the connected card without exposing sensitive information. Many payment gateways also include EFTPOS terminals to enable management of card present transactions.
A payment gateway is the only PCI compliant method of managing credit card information in RMS.
Available Payment Gateways
RMS integrates with a large number of payment gateways including the native all-in-one solution, RMS Pay.
RMS Pay enables centralised management of credit card transactions, pre-authorisations, and chargebacks without navigating externally from the Property Management System with both EFTPOS and eCommerce capabilities.
Additional features available with RMS Pay include manual release of pre-authorisations and the ability to send a secure Pay By Link by SMS or email to request payment. The Pay By Link enables the recipient to complete payment on a 3DS secure payment page that records and processes the payment in RMS using RMS Pay.
Each payment gateway's features and limitations vary with some offering EFTPOS only or eCommerce only and others offering a combination of both.
Accepting payments on the RMS Internet Booking Engine and Guest Portal, as well as the ability to tokenise credit cards and securely process transactions without a connected device requires eCommerce capabilities.
Other Payment Gateways available for connection in RMS include BrainTree, BridgePay, CommWeb, Elavon, Evo, GK Solutions, NGenius, OpenEdge, Red Dot, Opayo, Stripe, Tyro, Till Payments, and Windcave.
Frequently Asked Questions
What are the benefits of using a payment gateway?
A payment gateway is the only PCI compliant method for securely storing and processing credit card transactions in RMS.
In addition to being PCI compliant a payment gateway minimises the manual processes involved in credit card transactions.
eCommerce payment gateways add further benefit by enabling online payment processing within RMS, on the RMS Internet Booking Engine and in the Guest Portal.
Deposits and account payments, including for incidentals or damages after the guest has checked out can also be completed without pursuing the guest by using the existing Credit Card Token.
A payment gateway offers simplified payment processing whilst minimising exposure and handling of sensitive card information, providing peace of mind to the guest and reducing liability from unpaid charges.DeleteWhat happens if we don't use a payment gateway?
A payment gateway is the only PCI compliant method for securely storing and processing credit card transactions in RMS.
Not using a payment gateway limits capabilities to the use of an external EFTPOS device and manual recording of transactions on accounts in RMS.
Online payment capabilities through the RMS Internet Booking Engine can be processed on behalf of the property by RMS and may include fees, with payouts of any payments taken processed on a monthly basis.
Payments using the Guest Portal, Gift Cards, or Passes Portal are only available when connected with a payment gateway.
Credit card information received from third party connected Online Travel Agents will be stored as a PCI compliant virtual credit card and payment must be processed and recorded manually.
Connecting a payment gateway streamlines credit card transactions, ensures PCI compliance and offers a wider range of payment options to guests.DeleteCan we use our existing merchant facility?
The existing merchant facility must be enabled for eCommerce and connected to a payment gateway in RMS.
Contact the merchant services department at the property's bank for more information.DeleteCan we perform a pre-authorisation on a guest's credit card using a payment gateway?
The ability to perform a pre-authorisation with the option to manually release or consume the held funds is determined by the selected payment gateway provider.
RMS Pay offers the flexibility to place, consume or release a pre-authorisation whilst other eCommerce payment gateways may only enable placing a pre-authorisation.
Specific features available for each available payment gateway can be viewed on the associated 'Payment Gateway Functions' article.DeleteWhat transaction fees are associated with using a payment gateway?
Transaction fees are determined by the payment gateway provider and vary between providers.
eCommerce transactions and processes including creating a Credit Card Token or Pre-Authorisation Token as well as payment processing and refunds may incur fees from the selected payment gateway provider.
Credit card transactions processed using the EFTPOS terminal will incur the standard transaction fees and are determined by the merchant bank.
Contact the merchant bank and payment gateway provider for more comprehensive information on the fee schedule.Delete