Category:

Insights: How startups deal with PCI

23. November 2017 in General

PCI DSS compliance and cardholder security is a topic travel-technology startups rarely speak about, not least because it’s challenging and involves time and money without immediate and tangible returns. No matter whether you are bootstrapping or backed by external funds, you should be very conscious about PCI compliance because a breach will not only hit you financially but also on reputation-level. So it’s crucial to gain customers’ trust and loyalty.

As a startup, there are basically two approaches to achieve PCI compliance. You can either build your own PCI compliant environment from scratch or use a proxy tokenization solution as a service. More information about this make or buy approach can be found on our latest blog.

Taking that into account, let’s find out how startup Bookiply initially approached PCI DSS compliance, what was important for choosing a solution and what made them trust in PCI Proxy to keep their cardholder data safe. Therefore we had the pleasure to chat with Amélie, Product Manager at Bookiply.

Continue reading »

New fraud prevention feature

12. October 2017 in General

In order to check if a credit card is valid, stolen or exceeded, it is still a common procedure to authorize a small amount (1 EUR), a so-called ghost authorization, prior to authorizing an actual booking or purchase. This important fraud prevention feature allows verifying the account holder and provides information about the validity of the credit card. The only problem is that the authorization still shows up on the cardholder’s statement. As a result, it might cause confusion and suspicion by the customers.

In order to avoid confusion, payment networks advanced alternative ways to check the validity of credit cards by authorizing a zero-amount instead of an actual value. Main benefit, the authorization does not appear on the customer statement.

Continue reading »