Tokenization without CC terminal (locally)
IDPMS 4.1.5 and newer versions support tokenization of credit card numbers. This means that credit card numbers are not stored encrypted, but as a token. This is done to limit the PCI-DSS scope of the database of the hotel.
Tokenization with CC terminal
A guest calls the hotel directly to make a reservation. The employee creates the reservation in IDPMS including a credit card number. If the workstation is connected to a CC terminal, tokenization of card holder data will always go through the terminal. Below a detailed flowchart.
Tokenization without CC terminal (locally)
If a reservation is created in IDPMS on a workstation which is not connected to a CC terminal, tokenization of card holder data will be done directly at Shift4.
Below a detailed flowchart.
An algorithm check is done on the entered data. This does not mean the entered CC is an actual, valid credit card number (in use). It means that the entered number complies with the algorithm used by credit card providers
Tokenization without CC terminal (not locally)
If a reservation is created via a website, tokenization of card holder data will be done directly at Shift4.
Below a detailed flowchart.
An algorithm check is done on the entered data. This does not mean the entered CC is an actual, valid credit card number (in use). It means that the entered number complies with the algorithm used by credit card providers
When a token is set in the reservation, the user can look it up via the following steps.
Double click in the credit card number field of the reservation:
Click on βYesβ and the token will be shown, like:
How to use a token to authorize and/or settle is explained in respectively How to in IDPMS β Authorization and How to in IDPMS β Settlement.