Skip to main content

For Hotels & Accommodation Providers

PCI Booking helps hotels and accommodation providers handle guest payment cards without managing PCI DSS compliance in-house. When an OTA or booking channel sends you a tokenized card, PCI Booking lets you view the card details securely, process charges through your preferred gateway, and manage CVV data according to your retention policies. Instead of receiving raw card numbers (which would put you in PCI scope), you receive tokens that PCI Booking converts into real card data only when needed, such as at the point of charge or when displaying the card to authorized staff.

Where to Start

How PCI Booking Works

Understand tokenization and how card data flows between OTAs and hotels.

Quickstart Guide

Set up your PCI Booking account and start processing tokens.

Receive Tokens from OTAs

Learn how to manage tokens shared with you by OTAs and booking channels.

Display Card Details

Show card data to authorized hotel staff using a secure, embedded iframe.

Charge Guest Cards

Process charges, authorizations, and refunds through your payment gateway.

CVV Management

Configure CVV retention policies and capture CVV when needed for charges.

3D Secure Authentication

Add 3D Secure authentication data to tokens for SCA compliance.

Common Use Cases

Browse workflows designed for hotel scenarios.

Typical Hotel Workflows

  • Receive and display: An OTA sends a booking with a token. Your front desk staff views the card through a secure display form. See Card Display.
  • Receive and charge: Use the token to charge the guest’s card through your payment gateway at check-in or check-out. See Charge.
  • CVV capture for charges: If the CVV was not stored or has expired, send a secure link to the guest to recapture it. See CVV Capture.

Testing Your Integration

Validate your setup using PCI Booking’s sandbox environment before processing real guest cards. See Testing and Going Live.