Card Verification Value (CVV)

For merchants required to collect the Card Verification Value (CVV) code or Card Validation Digits (CVD) from customers for online credit-card transactions, resellers using a compatible payment gateway can request Inntopia activate the necessary fields in their the CRS, eComm, and RMS systems. The JSON and V9 APIs also support collecting the CVV code.

  • CVV collection is available for resellers using the following payment gateways with their Inntopia system:
  • There are fields in all three Inntopia systems to collect or view the CVV codes for all accepted credit card types (VISA, MasterCard, American Express).
  • In accordance with PCI compliance, the following rules are in place:
    • Once the CVV code is entered and saved in Inntopia CRS or eComm, the code is encrypted and stored in the Inntopia database for up to 48 hours but is no longer visible in the data entry field.
    • If the CVV is still in the system, it's indicated on the CVV field by asterisks.
    • For saved reservations not confirmed within 48 hours of entering the CVV, the CVV is purged and must be obtained and entered again to successfully process payment.
  • Card verification occurs for reseller collect-only itineraries and for combination reseller-/supplier-collect itineraries.
  • Card verification does NOT occur for supplier-collect-only itineraries. For supplier-collect-only itineraries, the CVV code collected in eComm or CRS is passed to Inntopia RMS where the collecting supplier can then view and pass it to the issuing bank for card verification. The CVV remains visible in Inntopia RMS for 48 hours.
  • The card-issuing bank performs the verification on the card.
  • Any time a charge is attempted on the card, Inntopia passes the code to the card-issuing bank for verification.
  • Using the Reserve button when attempting to confirm a reseller-collects itinerary where payment is required at the time of booking triggers card verification. CVV is purged from the system upon charging the card.
  • When new items are added to a previously reserved itinerary, CVV must be requested and collected again to complete the reservation.
  • When collecting payment through the Guest Payment Queue or Customer Account Receivable, the CVV is not required and could remain in the system for 48 hours IF it was not previously used in the confirmation of an itinerary.
  • CVV is required any time a change is made to an existing customer's credit-card profile.
  • CVV is required for all credit cards entered into new and existing customer profiles.

Note: As there is no prompt/reminder to update the CVV before attempting to complete a reservation in the CRS, Inntopia suggests agents add this step to their process of booking reservations.