Card Verification Value (CVV)
For merchants required to collect the Card Verification Value (CVV) code or Card Validation Digits (CVD) from customers for online credit-card transactions, resellers using a compatible payment gateway can request Inntopia activate the necessary fields in their the CRS, eComm, and RMS systems. The JSON and V9 APIs also support collecting the CVV code.
- CVV collection is available for resellers using the following payment gateways with their Inntopia system:
- There are fields in all three Inntopia systems to collect or view the CVV codes for all accepted credit card types (VISA, MasterCard, American Express).
- In accordance with PCI compliance, the following rules are in place:
- Once the CVV code is entered and saved in Inntopia CRS or eComm, the code is encrypted and stored in the Inntopia database for up to 48 hours but is no longer visible in the data entry field.
- If the CVV is still in the system, it's indicated on the CVV field by asterisks.
- For saved reservations not confirmed within 48 hours of entering the CVV, the CVV is purged and must be obtained and entered again to successfully process payment.
- Card verification occurs for reseller collect-only itineraries and for combination reseller-/supplier-collect itineraries.
- Card verification does NOT occur for supplier-collect-only itineraries. For supplier-collect-only itineraries, the CVV code collected in eComm or CRS is passed to Inntopia RMS where the collecting supplier can then view and pass it to the issuing bank for card verification. The CVV remains visible in Inntopia RMS for 48 hours.
- The card-issuing bank performs the verification on the card.
- Any time a charge is attempted on the card, Inntopia passes the code to the card-issuing bank for verification.
- Using the Reserve button when attempting to confirm a reseller-collects itinerary where payment is required at the time of booking triggers card verification. CVV is purged from the system upon charging the card.
- When new items are added to a previously reserved itinerary, CVV must be requested and collected again to complete the reservation.
- When collecting payment through the Guest Payment Queue or Customer Account Receivable, the CVV is not required and could remain in the system for 48 hours IF it was not previously used in the confirmation of an itinerary.
- CVV is required any time a change is made to an existing customer's credit-card profile.
- CVV is required for all credit cards entered into new and existing customer profiles.
Note: As there is no prompt/reminder to update the CVV before attempting to complete a reservation in the CRS, Inntopia suggests agents add this step to their process of booking reservations.
- CVV is required to confirm all new itineraries in CRS.
- CVV is not required on subsequent deposits collected through the Guest Payment Queue or payment collected/refunds issued in the Itinerary History.
- CRS agents can enter the CVV code in the Credit Card information window of the Customer Profile.
Important Note: Inntopia provides secure guest payment card fields for entering and storing customer credit card information. Card holder details such as card number, CVV, and any other personally identifying information must only be entered in these secure fields within Inntopia CRS. Entering credit card information in any other fields within the Inntopia platform (such as Guest Notes) is strictly against PCI compliance standards and is done entirely at the risk of the Inntopia partner.
- RMS users that are set up with the supplier-collects payment processing model can view the CVV code on the Deposits/Payments tab of the Reservation Detail window for 48 hours from the time the CVV has been collected from the guest.
- For resellers that are set up with the supplier collects payment processing model, the credit card number and CVV code is passed from Inntopia eCommerce or Inntopia CRS to Inntopia RMS for the supplier to process the payment. If the supplier does not process the payment within that 48-hour window, they must contact the guest directly to obtain the CVV code to process payment.
A: Yes, future deposits on existing itineraries will process without any interruption.
A: If there is a change to an existing reservation that requires additional payment (day added, lesson added, etc.), the CVV will be required for payment processing. Otherwise, existing reservations currently on file will not need a CVV.
A: Yes, all new purchases will require CVV.