Change Region

You're on our English website. Change your region to see information for another location.

Status en English Log in Contact

Search RMS

Log in
Get Started
| 28 February 2024

Understanding PCI compliance and how it affects your business

Welcome to RMS Cloud

We noticed you’re from the United States

Continue to Global Site
Visit US site

If you accept or process payment cards, PCI DSS applies to you.

Many business owners struggle to wrap their heads around Payment Card Industry (PCI) security compliance. What is it? Why do I need to be compliant? What happens if I’m not?   

In this article, we’ll talk about why PCI compliance is important to your business and how RMS PAY helps you achieve it.  

 

In this article:

What is PCI compliance?

You might hear us use the term ‘PCI compliance’, which stems from the technical and operational requirements set by the Payment Card Industry Security Standards Council. The council’s founding members who set the standards are none less than AMEX, JCB, Discover, Mastercard and VISA, and some of the standards they’ve designed for you - the merchant - are called Data Security Standards (DSS). “If you accept or process payment cards, PCI DSS applies to you”, as stated in their reference guide, and it is the global standard for all merchants.  

PCI in Australia

In Australia, AusPayNet is an active contributor to financial standards set by the International Organisation for Standardisation (ISO) and is an affiliate member and contributor of the PCI. The Reserve Bank of Australia (RBA) released a set of expectations for merchants in which they must meet the minimum security requirements compliant with the Payment Card Industry Data Security Standard (PCI DSS) for transactions that tokenise and store card payments (i.e. online payments, terminal payments).  

What is PCI designed to do?

The Data Security Standards are designed to protect individuals against data breaches and consequential credit card fraud. It’s not 100% foolproof, but it’s a best practice the payment industry provides to mitigate risk as much as possible. Above all else, it’s about investing in the protection of your valued guests, to ensure their information doesn’t fall into criminal hands by way of your property.  

Why you need to meet PCI DSS standards

Businesses that store, process and/or transmit cardholder data - including payment gateways like RMS PAY - must comply with PCI DSS. These requirements apply to all payment acceptance channels including retail (brick-and-mortar), mail and telephone order (MOTO) and online.  

 By adopting RMS PAY, you don’t have to worry about being PCI compliant, because we do that for you.  

If you don’t meet PCI DSS standards or you’re not sure if you do, you will need to complete one or more of the following validation tasks: 

  • Self-assessment questionnaire 
  • Vulnerability scan 
  • On-site review with an assessor 
How to meet PCI DSS standards

With a mixture of digitally secure payment software like RMS PAY and employing best practices, you’ll be able to meet PCI compliance standards without having to make drastic changes to the way you operate.  

Let’s use an example. If a guest calls up to make a booking and you ask them to read out their card details, you just broke compliance. If you proceed to enter that card number into your terminal/PMS manually, you just broke compliance. If you didn’t have your PMS open and you wrote that card number down on paper, you broke compliance.  

However, if a guest called up to make a booking and you said, “I’ll send you an SMS payment link now, I can stay on the phone while you do it”, you’d be getting paid, you’d be certain your guest was legitimate, and you’d be – you guessed it – PCI compliant.  

PCI compliance standards are designed to eliminate payment methods that are highly susceptible to fraud, and unfortunately, that may include your usual way of doing things. But with a little best practice and a powerful payment gateway like RMS PAY at your side, you’ll be PCI compliant, and you’ll be adopting more efficient ways to take payments.  

What happens if you don't meet PCI DSS standards

Not meeting compliance standards for card payments holds a number of damaging outcomes for businesses and their guests, such as: 

  • You could be hit with significant fines 
  • You could face legal action 
  • You could lose your reputation and the trust of your guests  
  • Your revenue could be impacted as a result of damage to your reputation 
  • You could be subjected to time-consuming and costly federal audits in the aftermath of a data breach 
  • Your guests could have their credit card information leaked and be impacted by fraud 

 

So, in answer to your questions, if you intend to continue taking and processing payments at your property, whether you like it or not you do need to be PCI compliant and meet data security standards. You can do that in many ways as we’ve discussed, but the easiest way is to do it by adopting RMS PAY, the PCI-compliant payment gateway designed for hospitality that’s natively integrated into RMS’s hospitality management cloud.

That way, you can continue to manage your property all in one place without worry, doing the right thing for your guests and your business. 

 

Related reading

Zen Desk
Experience next level support, powered by Zendesk

At RMS, our commitment to constant innovation extends well beyond our core software offering – which is exactly why we’re upgrading our support and ticketing platform. We’re proud to be partnering with Zendesk to provide an amplified, intuitive solution for our property managers that delivers better results, in less time.

Read now
Events
Rethinking innovation at Ted's Tech Summit 2024

"As an industry, we have been waiting for decades for the technology that allows us to get good architecture, good data, and enriched guest profiles. Are we using it?" Discover key insights from Ted's Tech Summit 2024, revealing technology that is revolutionising the accommodation sector. Learn how breaking restrictive thinking, addressing operational challenges, and the role of technology can drive the industry forward.

Read now
RMS Pay
Top 5 ways to improve productivity with RMS PAY

Statistics show that automation reduces room for human error, saves employees time and reduces labour costs. How? By improving productivity at work. What are the top 5 ways RMS PAY helps to improve productivity? RMS PAY is the latest innovation from the team behind RMS Cloud; pioneers and leaders in PMS software for 40+ years. Getting the payments process right is integral to setting your business up for success, but payments can be tedious, subject to human error and vulnerable to fraud.

Read now
RMS PAY guests enjoying the payment experience
RMS Pay
5 ways to deliver a fantastic guest payment experience

Guests' expectations are constantly changing and you can use technology to ensure that you’re consistently delivering the best experience available to them. Particularly when it comes to payments. How to deliver a fantastic guest payment experience with RMS PAY 1. Smooth out the online booking process Integrated property management technology and payment gateways like RMS Cloud and RMS PAY ensure that processing bookings and payments is seamless for both guests and staff.

Read now