LodgeGate and PayByLink help hotels with PCI, SCA and online payments
In order to process credit card details for the acceptance of hotel reservations, each merchant must be PCI DSS compliant at all times. Audits for this entail the necessary costs. LodgeGate, facilitator of hotel software and led by Jan-Willem Moors, therefore decided to take a different approach. In collaboration with PayByLink, a system was developed to send an email with a payment link, that enables online credit card verification and direct payments via an internet checkout. This eliminates the need to store credit card numbers.
LodgeGate has been marketing hotel software for the hospitality industry for many years with its Property Management System. The software, with a fully automated reservation system, has been developed for hoteliers by hoteliers. It is suitable for use by hotels themselves but can also be used to link to the major booking channels. LodgeGate has a ‘social’ business model in which no fixed costs are charged to hotels, but prices fluctuate based on the occupancy rate of hotels. This means that the service is also accessible to the smallest hotels.
High costs PCI-audits
Until recently, this accessibility was somewhat hindered by the high costs of PCI audits. To be able to store credit card data all year round and to meet the strict requirements of credit card companies, the costs could rise to even € 40,000 per year. Costs that LodgeGate had to pass on to the hotels. Moors explains: “Credit card details were often stored in order to be able to charge the room fee afterwards as well as any other costs, such as breakfast, towels, late cancellations or no-shows. However, this does not provide a full guarantee for the hotels. Because, in addition to the fact that we no longer wanted to bear the audit costs, we also wanted to give more control back to the hotels. We therefore looked for an alternative.”
Two birds with one stone
That alternative was created with PayByLink. At the very moment guests make a booking at a LodgeGate customer, they will immediately receive an email with a payment link. Of course this also contains the booking details and guarantees. The look and feel of the mail are in line with the corporate identity of the hotel in question. The guest will have 24 or 48 hours to complete the payment in order to guarantee the booking. The payment link leads directly to the payment service provider of the hotel itself, after which LodgeGate automatically processes the payment status via PayBylink. The hotel no longer has to manually enter anything and store credit card details. Moors: “We kill two birds with one stone: we reduce the costs of PCI audits and give hotels considerably more power over their money management and reservation guarantees.”
Power to the hotels
To whom did hotels lose that power over the years? Online Travel Agencies (OTA), in other words, the major players such as Booking.com and Expedia. Important sales channels indeed, but players who, if you are not careful, will have increasingly more influence. It is great that even more benefits can be gained from the cooperation between LodgeGate and PayByLink, especially in the field of SCA (Strong Customer Authentication). This part of European legislation dictates that the identity of the owner of the debit or credit card must be verified during the transaction through an extra authentication step. As of December 31, 2020, this is mandatory throughout Europe.
The SCA obligation would cause problems for reservations through booking channels. A short explanation. When a guest booked a hotel room with an OTA, the guest’s credit card number was forwarded to the hotel by the OTA. The latter could then authorize the amount due by entering the credit card number on its own PIN terminal. Moors: “Starting this year, credit card companies will ban this way of working, because two-step authentication is impossible in this process”. Moors continues: “Here too, thanks to the PayByLink collaboration, we are giving power back to the hotels by offering them the option to let the customer pay with a payment link including online identity verification immediately after an OTA booking. Unlike before, they have a payment guarantee and are much less dependent on booking channels. Payments are no longer made in the booking process and through the reseller’s bank (OTA). In addition, the hotels have the advantage of working in accordance with SCA and having the money paid directly into their own bank account”.
A few hotels have gone live since October 2020, but the rollout has not gone nearly as quickly as previously thought due to the Covid-pandemic. Although Moors would of course have liked this to be different, he also sees the advantages of the situation: “We have had the time to set up the systems and gain a great deal of knowledge from the affiliated hotels. Our ‘social’ working method results in a free choice for every hotel: although we have definitively stopped storing credit card data as of January 1, 2021, it is not obligatory for anyone to start working with our new systems. Of course we hope that in the future we can introduce as many customers as possible to the payment links of PayByLink.”
Finally, Moors evaluates the collaboration with PayByLink: “I experience it as very pleasant. Hans Bouman’s creative input is always aimed at finding a solution. The success of our solution can therefore largely be attributed to his input. He is really a person who thinks in cooperation with each other, but also with other companies. Thanks to the expertise of each individual partner, hotels are completely unburdened in the entire booking process”.