At FNSrooms, we´ve created FNSpayments to comply with PSD2 regulations, integrating providers such as PAYCOMET and Addon Payments. This way, you can manage payments securely and always in compliance with regulations.
PSD2 (Payment Service Directive 2) is the European regulation that governs payment services, updating the original directive from 2007. Its objective is to create a secure environment in the EU, protect consumers, establish common rules, and allow different providers, such as banks or platforms like Google Pay and Apple Pay, to offer payment services.
Regardless of the reservation´s origin, FNSrooms launches the necessary processes to authenticate payment. Using a system known as "tokenization," card data is encrypted and converted into an alphanumeric code that encodes the information. This "token" is received by the hotel and will allow it to charge in situations where the guest is not present (such as in the case of a no-show).
This way, card data is no longer visible and guest security is guaranteed, so that no one on the hotel staff can access the card information. It also aims to increase security against a cyberattack.
(*)Check the integrations with providers currently available.
This is the authentication process required by PSD2, whereby the user must enter a step during the payment process that includes the use of two authentication factors in order to complete the transaction.
No, that procedure is no longer valid as it was previously, but other authentication criteria are required. Strong authentication requires the use of two of three elements categorized into one of these options: knowledge (something only the user knows), possession (something the user has), or inherence (fingerprint or facial recognition). Storing this card data is no longer permitted; it would have to be "tokenized".
No. Generally, when transactions are initiated by the customer in the online purchasing process on a website, this is typically the case. There are some exceptions to this, based on the amount, etc., but almost all card transactions or bank transfers require SCA.
Yes, MITs (Merchant Initiated Transactions). These are transactions in which the cardholder is not present at the time of the charge for various reasons: value increases, recurring payments, or installment payments. In these cases, the card will have to be authenticated at the start of the transaction. It is also necessary to obtain the customer´s acceptance to charge their card in the future.
Tokenization is a process by which card data is encrypted and converted into an alphanumeric code that encrypts the information. The goal is to ensure security for the guest, so that no one on the hotel staff can access the card information. It also aims to increase security against a cyberattack. As we can see, we would prevent fraudulent use by maximizing security.
The tokenization process is carried out by the payment gateway provider, but it connects to the PMS so that if payments need to be made, the gateway can use the token, and the provider can decrypt the information when we issue payment orders from the management system. In the PMS, we can monitor the payment status of each reservation subject to the standard at all times.
