Tokens are saved in protel with a reference
to the respective reservation. The token is deleted from the protel PMS
after a configurable number of days after check-out (System data
- Bookkeeping - Settings > PCI Compliance).The BWI Interface works using the extensive and globally accepted security standards of the leading international credit card companies (Payment Card Industry Data Security Standard - short PCI DSS). The main goal of PCI DSS is to guarantee the secure handling of credit card data with the aim of preventing data theft and credit card fraud.
In accordance with PCI DSS, no legible credit card data are to be kept anywhere in the hotel. This is especially valid for the hotel software. Credit card data will therefore be replaced by a surrogate value called "token". The Tokenizer takes on the secure storage and replacement of the credit card data. In protel, only the surrogate value, the so-called token, will be saved and displayed. Only authorized employees of the hotel can logon to the Tokenizer.
Tokens are saved in protel with a reference
to the respective reservation. The token is deleted from the protel PMS
after a configurable number of days after check-out (System data
- Bookkeeping - Settings > PCI Compliance).
Access to the protel Tokenizer is done by means of the protel Cloud Center.
Log in with your login data: https://connect.protel.net/files/source/pcs/index.html
You can enter and encode credit card information conforming to PCI standards by means of the PCI > Tokenize menu point.
You can decrypt credit card information by means of the PCI > Detokenize menu point.
Before a booking can be sent to protel by the Best Western Interface, it will be referred via the Tokenizer. This will then filter out the credit card data and replace it with a token. The data which then arrives in protel is safe and protected. Only the surrogate value (token) can be seen.
The manual entry of credit card information is done via protel Tokenizer. Only authorized employees of the hotel can logon to the Tokenizer.
Access is done in the protel Cloud Center by means of the PCI > Tokenize menu point
The credit card token can be saved in the reservations by entering the reservation ID together with the credit card information into the Tokenizer.
The reservation ID can be found in the Navigator (
in the figure shown 27851).
First, lookup the reservation ID in the Navigator of the relevant reservation.
Open the Tokenizer and enter the credit card data (number, holder, valid from/thru).
Enter the reservation ID (see screenshot below).
Figure: protel Cloud Center > PCI > Tokenize. Enter the credit card data + reservation ID |
Click on [Tokenize] to save and encrypt the data.
The credit card token will then be saved in the Navigator afterwards. It can also be accessed in the "Credit Card Authorization" dialog box located in the "More..." dialog box.
|
Currently, credit card tokens can also be assigned to a profile, which, however, violates the latest PCI specifications. For this reason, tokens attached to a profile are deleted by the purge routine after every end of day process. We therefore strongly advise against storing tokens in the profile. |
All fields with * are mandatory
Entry |
Description |
Credit card no.* |
This is where you enter the credit card number without any spaces or special characters. protel checks the entered credit card number for its validity. The checking of the data occurs during entry. As long as the entered number is incorrect or incomplete, the entry field will be framed in red.
It will switch to a blue frame when the number has been accepted:
|
Cardholder* |
This is where you enter the cardholder's name. |
Valid from |
This entry is optional. Usually, the date has to be only provided for debit cards. |
Valid thru* |
Enter the card's expiry date here. Click on the calendar icon and select the month and the year from the calendar. Click on [OK] to select the date.
|
Card type |
The credit card type will automatically appear once the credit card number has been successfully entered. |
Token |
The token is displayed here once the credit card information has been tokenized (encrypted). Explanation: Rather than using real credit card numbers, protel solely uses tokenized numbers. The sensitive original data are stored on the external tokenization server where they are protected from unauthorized access. |
Additional data
|
|
Issue no. |
Optional. The issue no is only used by certain card types (Smart, Solo, Maestro) and is a single or double digit number printed on the front of the card. |
Res. ID |
Field for entering the reservation ID. |
Guest profile ID |
Please do not fill in! (tokens which are saved to a guest profile will automatically de deleted during the end-of.day-process!) |
Should a credit card be manually charged (e.g., because a guest does not arrive and will be invoiced as "NoShow"), there is the option to decrypt and display the credit card data by means of the detokenizer. There are specific user rights necessary for this.
Open either the navigator or the guest profile (depending on where the token had been saved - see above).
Figure: protel FO > Navigator > Credit card token in the tree-view |
A left click on the token will copy it to your clipboard.
Login to protel Cloud Center.
In the PCI menu, click on the Detokenize menu point.
Select the Token field and paste the token by using the following keyboard shortcut: Ctrl+V
Click on [Detokenize] in order to display the credit card data.
