The physical distancing and work-from-home orders put in place as a result of the pandemic have brought to light numerous inefficiencies in how we manage hotel operations. These will all need to be addressed as we open our doors while keeping a leaner team, and today’s pain point relates to automating credit card transactions taken over the phone.
Namely, still accepting this information via phone is an ineffective use of your front desk’s time while it also isn’t fully PCI compliant and creates a jumble of paper-based work for your accounting team which needs to post everything to the proper ledger. Plus, there’s always the chance for manual entry errors or card-not-present chargebacks. All told, it’s relic and it needs to go.
In sitting down with the accounting department at an independent resort for which I am the asset manager, one of the key projects as operations ramped back up was to minimize manual payment processing and to move more of these activities to an integrated online system. The objectives therein were to decrease costs, increase security and enable more work-from-home options.
Luckily, there are now several platforms capable of layering a customized ecommerce webpage on top of a hotel’s payment gateway provider so that your employees don’t need to touch credit card data anymore. Payments are fed through the online portal to the gateway while simultaneously posting that data to the PMS onto the intended ledger – that is, guest or group folios, restaurant, spa, golf, miscellaneous and so on.
In looking to implement such software for at a hotel, one key data security term I’ve had to familiarize myself with is ‘tokenization’ to denote the encryption of sensitive information as it is handed from system to system, all so that a guest’s credit card can be verified as legitimate and so all the banks are properly notified of the transaction.
To dig a bit deeper, I spoke with Conner Erwin at b4, a hospitality payment solutions provider, who explained, “What this means is you can now give a guest a hyperlink or an email that opens to a private ecommerce webpage page, and all the credit card information they type in is never held by the hotel itself but simply passed through to the payment gateway as a token. It’s totally PCI-compliant because it removes a hotel team’s interaction with the credit card data prior to posting.”
Getting bogged down by manual entry is a huge time sink, so obviously these new age ecommerce platforms that can also post to the PMS will help reduce costs. Moreover, as a result of the heightened degree of verification, an ecommerce merchant POS is afforded reduced interchange fees versus a regular lodging POS.
This brings us back to those pesky phone calls where guests are all but ready to verbally tell you everything you need to effectively complete a card-not-present transaction. Instead of typing in or writing down any credit card details, the only piece of information you now need is the person’s email. From there, guests get an ecommerce portal to fill out on their own while the hotel gets a real-time notification of each successful payment or failed attempt.
Keep in mind, though, that we weren’t eliminating the telephone interaction with guests altogether. With these technologies in place, we merely transferred the tedious, non-rapport-building part of that call – as in, the exchange of sensitive credit card information – to a webpage. And then all the other benefits were an easily comprehendible windfall, especially with the underlying need for more productivity and more staff flexibility during these rapidly changing times.