Hoteliers have - or have not - been listening to the imperatives delivered by all of the major credit card issuers known as “PCI Compliance” since 2005.
Lodging has covered PCI in detail before (see It’s in the Cards, May 2007, by Mark G. Haley). However, the standards defined in PCI have been evolving, with the recent release of a new version of the standards, and Visa has published an updated, aggressive enforcement strategy aimed specifically at the computer systems that process credit card transactions. These new developments warrant a fresh look at PCI, so in this issue, we will:
Briefly define PCI (Payment Card Industry Data Security Standards) and PCI compliance
Recap the changes in version 1.2 of the PCI standards compared to version 1.1
Discuss the recently-released “Payment Application Data Security Standards”, or PA-DSS and the enforcement of these standards, the impact of them on vendors of computer systems and the hotel companies that buy them.