Settings for PCI compliant handling of credit card data
When the hotelier queries a booker's credit card information in his WBE, a form for the credit card information will appear at the end of the booking procedure. By means of this input form, the credit card information will be sent to the protel Tokenizer which will replace it with a replacement number (token). This encrypted data is then visible in protel FO instead of the actual credit card information. In case cancellation fees or other costs are to be charged to the guest's credit card, the payment can be done with the token.
This chapter will inform you about which settings you, as partner, will need to carry out for your clients so that the credit card information taken from the WBE can be used by the hotelier.
System requirements
protel Version 18.792 or later will be required to ensure that all of the XSetups are working properly for the client.
XSetups in protel SD
The following XSetup will need to be set for the protel Tokenizer and its linked functions:
XSetup (all in the Navigator group) |
Value |
Description |
showccardstoken |
1 |
Has this been set, the token of a CC payment will appear in the navigator's tree view under "Additional reservation information". |
showccardstokenall |
1 |
An additional node will appear in the Navigator's tree view which displays credit card information belonging either to a reservation or a guest (no number). |
showccardstoken_cc |
1 |
In the navigator's tree view the respective CC-number (ccards.cc) will appear instead of the token (ccards.ccenc), for saved CC-payment or CC-authorization. |
tw_expandccinfo* |
1 |
Credit card menu point will automatically be shown in the Navigator in expanded form |
*This is the only XSetup entry which requires the protel Version 18.792; if the client does not need the expanded menu, protel Version 18.660 is enough.
XSetup in the Cloud
The encrypted transmission of the credit card information will need to be activated in the Channel information for the WBE.
Open the XSetup dialog box:
protel Cloud Center | Booking | Channel information | WBE | XSetup
Set the "PciCompliant" XSetup to "true". The setting will be saved immediately.
User rights
In order to be able to encrypt or decrypt credit card information in the protel Cloud Center, the following user rights are required:
- PciDetokenize
- PciTokenize
The user, who has the client-administrator role in the hotel, must receive these rights. The client-administrator can issue these rights to additional employees, should they also need to access the credit card information.
Activate the PCI mode
 |
Note PCI mode can be arbitrarily activated before or after going live. After activating PCI mode, the credit card information will be encrypted in protel. This means that a replacement number will be used instead of the actual credit card number! |
The encryption and decryption of the credit card data occurs after activating the PCI mode by means of the PCI menu located in the protel Cloud Center. A Cloud User will have to be created in the protel Cloud Center for each hotel employee who is to have access to this menu!
Activation of the PCI mode is done in the system data (Bookkeeping | Settings | PCI Compliance):
Menu System Data | Bookkeeping | Settings | PCI Compliance
In the next window, activate the PCI Compliance DSS 3.0 option as follows:
Activation of the PCI-Mode DSS 3.0
Now all necessary settings are done, the usage of the protel Tokenizer is described in the next chapter.