Webervations - three digit security cod

Bed & Breakfast / Short Term Rental Host Forum

Help Support Bed & Breakfast / Short Term Rental Host Forum:

This site may earn a commission from merchant affiliate links, including eBay, Amazon, and others.
We are not required to collect that code in order to run the card. You might look at a processor that does not require it.
Or, challenge your processor to make it so that you don't need the code. If you cannot store it, they should not require you get it..
Ditto ,same as Morticia....not required here..Mary in Bridgewater
.
Mary, if you don't mind my asking, who is your processor? So many people recommend Tom that I wonder what they all are doing about this...
RIki
.
Forgot to add, when the c.c. machine ask if the guest is present (deposits) I was told to ALWAYS punch in YES. Never tried to do it otherwise.Mary in Bridgewater.
.
Well the good news is that someone who had previously wanted to book us this weekend checked just for giggles on Friday and saw our suite was available and emailed me, booked it so all was fine.
Now there appears to be two reservation systems that let you use the three digit code - Resnexus and Availabiltyonline.com which is said to be $65 per year.
But what has been pointed out is that it appears the system is getting stricter about processing credit cards (which is possibly why many like Webervations is removing the ability to access the three digit code - they allow it in the beta version which some have but they told me that they will be removing it soon from the beta system as well)
So, the question which was posed to me is before I switch to anyone, to find out if they have upgraded to the new requirements, or have they just not removed the abiltiy to temporarily capture the number for the user to process then delete it.
So I'm still checking....
Riki
 
We are not required to collect that code in order to run the card. You might look at a processor that does not require it.
Or, challenge your processor to make it so that you don't need the code. If you cannot store it, they should not require you get it..
Ditto ,same as Morticia....not required here..Mary in Bridgewater
.
Mary, if you don't mind my asking, who is your processor? So many people recommend Tom that I wonder what they all are doing about this...
RIki
.
Forgot to add, when the c.c. machine ask if the guest is present (deposits) I was told to ALWAYS punch in YES. Never tried to do it otherwise.Mary in Bridgewater.
.
Well the good news is that someone who had previously wanted to book us this weekend checked just for giggles on Friday and saw our suite was available and emailed me, booked it so all was fine.
Now there appears to be two reservation systems that let you use the three digit code - Resnexus and Availabiltyonline.com which is said to be $65 per year.
But what has been pointed out is that it appears the system is getting stricter about processing credit cards (which is possibly why many like Webervations is removing the ability to access the three digit code - they allow it in the beta version which some have but they told me that they will be removing it soon from the beta system as well)
So, the question which was posed to me is before I switch to anyone, to find out if they have upgraded to the new requirements, or have they just not removed the abiltiy to temporarily capture the number for the user to process then delete it.
So I'm still checking....
Riki
.
I haven't gone back to check but I was able to turn off the requirement that the guest enter the code to make a rez. I don't know if I can turn it back on or not. With all the flap about storing them, I'd prefer not to. That's in SuperInn. OK, I just looked and I can require the code but there is a big warning that it is not legal to store that code. So, if I had to have the code for deposits (which I don't), I could require it and then delete it once I processed the deposit. There is a separate 'delete' button to purge all the codes and another to purge all the cc numbers. (I have the cc info set to purge automatically.)
I do know that I made a rez using AvailabilityOnline back in Jan and the code field was required. I don't know if that system has the option to turn off the requirement and the particular B&B just didn't do it.
 
We are not required to collect that code in order to run the card. You might look at a processor that does not require it.
Or, challenge your processor to make it so that you don't need the code. If you cannot store it, they should not require you get it..
Ditto ,same as Morticia....not required here..Mary in Bridgewater
.
Mary, if you don't mind my asking, who is your processor? So many people recommend Tom that I wonder what they all are doing about this...
RIki
.
Forgot to add, when the c.c. machine ask if the guest is present (deposits) I was told to ALWAYS punch in YES. Never tried to do it otherwise.Mary in Bridgewater.
.
Well the good news is that someone who had previously wanted to book us this weekend checked just for giggles on Friday and saw our suite was available and emailed me, booked it so all was fine.
Now there appears to be two reservation systems that let you use the three digit code - Resnexus and Availabiltyonline.com which is said to be $65 per year.
But what has been pointed out is that it appears the system is getting stricter about processing credit cards (which is possibly why many like Webervations is removing the ability to access the three digit code - they allow it in the beta version which some have but they told me that they will be removing it soon from the beta system as well)
So, the question which was posed to me is before I switch to anyone, to find out if they have upgraded to the new requirements, or have they just not removed the abiltiy to temporarily capture the number for the user to process then delete it.
So I'm still checking....
Riki
.
I haven't gone back to check but I was able to turn off the requirement that the guest enter the code to make a rez. I don't know if I can turn it back on or not. With all the flap about storing them, I'd prefer not to. That's in SuperInn. OK, I just looked and I can require the code but there is a big warning that it is not legal to store that code. So, if I had to have the code for deposits (which I don't), I could require it and then delete it once I processed the deposit. There is a separate 'delete' button to purge all the codes and another to purge all the cc numbers. (I have the cc info set to purge automatically.)
I do know that I made a rez using AvailabilityOnline back in Jan and the code field was required. I don't know if that system has the option to turn off the requirement and the particular B&B just didn't do it.
.
Morticia said:
I haven't gone back to check but I was able to turn off the requirement that the guest enter the code to make a rez. I don't know if I can turn it back on or not. With all the flap about storing them, I'd prefer not to. That's in SuperInn. OK, I just looked and I can require the code but there is a big warning that it is not legal to store that code. So, if I had to have the code for deposits (which I don't), I could require it and then delete it once I processed the deposit. There is a separate 'delete' button to purge all the codes and another to purge all the cc numbers. (I have the cc info set to purge automatically.)
I do know that I made a rez using AvailabilityOnline back in Jan and the code field was required. I don't know if that system has the option to turn off the requirement and the particular B&B just didn't do it.
There really is just no debate on this - any system that even allows for it to be stored for any period of time - period - cannot be in compliance. Even allowing for it to be stored means that it is on someone's system, somewhere. As an innkeeper, if you are using a system that does this - you are going to be liable.
Ultimately I long for a day when 3rd party audits are required for software provider storing credit cards. There is way, way, way too much misinformation out there on this and too many systems that may appear to be "friendly" in what they do, but ultimately may be pose a major problem in the long run.
 
We are not required to collect that code in order to run the card. You might look at a processor that does not require it.
Or, challenge your processor to make it so that you don't need the code. If you cannot store it, they should not require you get it..
Ditto ,same as Morticia....not required here..Mary in Bridgewater
.
Mary, if you don't mind my asking, who is your processor? So many people recommend Tom that I wonder what they all are doing about this...
RIki
.
Forgot to add, when the c.c. machine ask if the guest is present (deposits) I was told to ALWAYS punch in YES. Never tried to do it otherwise.Mary in Bridgewater.
.
Well the good news is that someone who had previously wanted to book us this weekend checked just for giggles on Friday and saw our suite was available and emailed me, booked it so all was fine.
Now there appears to be two reservation systems that let you use the three digit code - Resnexus and Availabiltyonline.com which is said to be $65 per year.
But what has been pointed out is that it appears the system is getting stricter about processing credit cards (which is possibly why many like Webervations is removing the ability to access the three digit code - they allow it in the beta version which some have but they told me that they will be removing it soon from the beta system as well)
So, the question which was posed to me is before I switch to anyone, to find out if they have upgraded to the new requirements, or have they just not removed the abiltiy to temporarily capture the number for the user to process then delete it.
So I'm still checking....
Riki
.
I haven't gone back to check but I was able to turn off the requirement that the guest enter the code to make a rez. I don't know if I can turn it back on or not. With all the flap about storing them, I'd prefer not to. That's in SuperInn. OK, I just looked and I can require the code but there is a big warning that it is not legal to store that code. So, if I had to have the code for deposits (which I don't), I could require it and then delete it once I processed the deposit. There is a separate 'delete' button to purge all the codes and another to purge all the cc numbers. (I have the cc info set to purge automatically.)
I do know that I made a rez using AvailabilityOnline back in Jan and the code field was required. I don't know if that system has the option to turn off the requirement and the particular B&B just didn't do it.
.
Morticia said:
I haven't gone back to check but I was able to turn off the requirement that the guest enter the code to make a rez. I don't know if I can turn it back on or not. With all the flap about storing them, I'd prefer not to. That's in SuperInn. OK, I just looked and I can require the code but there is a big warning that it is not legal to store that code. So, if I had to have the code for deposits (which I don't), I could require it and then delete it once I processed the deposit. There is a separate 'delete' button to purge all the codes and another to purge all the cc numbers. (I have the cc info set to purge automatically.)
I do know that I made a rez using AvailabilityOnline back in Jan and the code field was required. I don't know if that system has the option to turn off the requirement and the particular B&B just didn't do it.
There really is just no debate on this - any system that even allows for it to be stored for any period of time - period - cannot be in compliance. Even allowing for it to be stored means that it is on someone's system, somewhere. As an innkeeper, if you are using a system that does this - you are going to be liable.
Ultimately I long for a day when 3rd party audits are required for software provider storing credit cards. There is way, way, way too much misinformation out there on this and too many systems that may appear to be "friendly" in what they do, but ultimately may be pose a major problem in the long run.
.
I guess then, that ALL of the entities involved in cc processing must some day speak to each other. The cc companies have stated no one may store the code. And yet, how many PROCESSORS are requiring that the code be entered? At some point, if the code must be entered, the code has to be in the possession, however temporarily, of the seller of the goods, no matter what those goods are. (And that info can be stolen no matter how large or small the company is.)
Of course none of us want to be responsible for losing anyone's cc info, but we can only do what is required from us by the companies processing the cc. And getting out of a cc processor's contract is not by any means easy or cheap, at least not mine. So, I'm happy mine doesn't require the code for processing deposits or sales of GC's.
Although it is important that our booking systems are compliant with the laws of the land, we still have to get paid for the work we do. So, the bigger issue is getting the processors to be compliant. If this whole cc info storage thing continues on in this vein, I may just decide to stop taking cc info at all and require all guests to mail a check.
 
We are not required to collect that code in order to run the card. You might look at a processor that does not require it.
Or, challenge your processor to make it so that you don't need the code. If you cannot store it, they should not require you get it..
Ditto ,same as Morticia....not required here..Mary in Bridgewater
.
Mary, if you don't mind my asking, who is your processor? So many people recommend Tom that I wonder what they all are doing about this...
RIki
.
Forgot to add, when the c.c. machine ask if the guest is present (deposits) I was told to ALWAYS punch in YES. Never tried to do it otherwise.Mary in Bridgewater.
.
Well the good news is that someone who had previously wanted to book us this weekend checked just for giggles on Friday and saw our suite was available and emailed me, booked it so all was fine.
Now there appears to be two reservation systems that let you use the three digit code - Resnexus and Availabiltyonline.com which is said to be $65 per year.
But what has been pointed out is that it appears the system is getting stricter about processing credit cards (which is possibly why many like Webervations is removing the ability to access the three digit code - they allow it in the beta version which some have but they told me that they will be removing it soon from the beta system as well)
So, the question which was posed to me is before I switch to anyone, to find out if they have upgraded to the new requirements, or have they just not removed the abiltiy to temporarily capture the number for the user to process then delete it.
So I'm still checking....
Riki
.
I haven't gone back to check but I was able to turn off the requirement that the guest enter the code to make a rez. I don't know if I can turn it back on or not. With all the flap about storing them, I'd prefer not to. That's in SuperInn. OK, I just looked and I can require the code but there is a big warning that it is not legal to store that code. So, if I had to have the code for deposits (which I don't), I could require it and then delete it once I processed the deposit. There is a separate 'delete' button to purge all the codes and another to purge all the cc numbers. (I have the cc info set to purge automatically.)
I do know that I made a rez using AvailabilityOnline back in Jan and the code field was required. I don't know if that system has the option to turn off the requirement and the particular B&B just didn't do it.
.
Morticia said:
I haven't gone back to check but I was able to turn off the requirement that the guest enter the code to make a rez. I don't know if I can turn it back on or not. With all the flap about storing them, I'd prefer not to. That's in SuperInn. OK, I just looked and I can require the code but there is a big warning that it is not legal to store that code. So, if I had to have the code for deposits (which I don't), I could require it and then delete it once I processed the deposit. There is a separate 'delete' button to purge all the codes and another to purge all the cc numbers. (I have the cc info set to purge automatically.)
I do know that I made a rez using AvailabilityOnline back in Jan and the code field was required. I don't know if that system has the option to turn off the requirement and the particular B&B just didn't do it.
There really is just no debate on this - any system that even allows for it to be stored for any period of time - period - cannot be in compliance. Even allowing for it to be stored means that it is on someone's system, somewhere. As an innkeeper, if you are using a system that does this - you are going to be liable.
Ultimately I long for a day when 3rd party audits are required for software provider storing credit cards. There is way, way, way too much misinformation out there on this and too many systems that may appear to be "friendly" in what they do, but ultimately may be pose a major problem in the long run.
.
I guess then, that ALL of the entities involved in cc processing must some day speak to each other. The cc companies have stated no one may store the code. And yet, how many PROCESSORS are requiring that the code be entered? At some point, if the code must be entered, the code has to be in the possession, however temporarily, of the seller of the goods, no matter what those goods are. (And that info can be stolen no matter how large or small the company is.)
Of course none of us want to be responsible for losing anyone's cc info, but we can only do what is required from us by the companies processing the cc. And getting out of a cc processor's contract is not by any means easy or cheap, at least not mine. So, I'm happy mine doesn't require the code for processing deposits or sales of GC's.
Although it is important that our booking systems are compliant with the laws of the land, we still have to get paid for the work we do. So, the bigger issue is getting the processors to be compliant. If this whole cc info storage thing continues on in this vein, I may just decide to stop taking cc info at all and require all guests to mail a check.
.
I'm being told that we will in the future have to deal with companies that do the processing for us and pay their fees.
I work 6.5 days a week and do not plan to pay any more fees than I already do to get paid. I do not plan to go with Expedia or any of the big boys as they take too much money and when you cancel they continue to list you as "not available" so the general public will assume that you are full.
I am only lucky in that I already require the tours deposit be in check form. Those that are too lazy to mail a check will call me at which point I will get the CVV number from them to process but only if they pay the whole tour up front. This usually gets rid of those who don't want to make a committment. And If I get busy then I'll just bite the bullet and buy the portable processing machine that will enable me to swipe the card at my van when I drop the guests off. I would rather pay the $700 (hopefully by then the price will be lower) for equipment than to some company like Expedia or Orbitz.
I may when this all comes to be require a check for deposit. I can only get away with this because many book for the tour package and want the tour enough to do it. This would help me twofold in that I will not have to deal with chargebacks if I have deposits in check form.
Again, when they call on the 800 number because they are too lazy to mail a check, I will ask for the CVV number.
Seems like it may be the only way out if all of the booking companies eventually get rid of taking the number for us to process. I just don't know who is telling us the whole story - so I'll wait to see if any of them indeed have the system to work and be compliant or not.
Riki
 
We are not required to collect that code in order to run the card. You might look at a processor that does not require it.
Or, challenge your processor to make it so that you don't need the code. If you cannot store it, they should not require you get it..
Ditto ,same as Morticia....not required here..Mary in Bridgewater
.
Mary, if you don't mind my asking, who is your processor? So many people recommend Tom that I wonder what they all are doing about this...
RIki
.
Forgot to add, when the c.c. machine ask if the guest is present (deposits) I was told to ALWAYS punch in YES. Never tried to do it otherwise.Mary in Bridgewater.
.
Well the good news is that someone who had previously wanted to book us this weekend checked just for giggles on Friday and saw our suite was available and emailed me, booked it so all was fine.
Now there appears to be two reservation systems that let you use the three digit code - Resnexus and Availabiltyonline.com which is said to be $65 per year.
But what has been pointed out is that it appears the system is getting stricter about processing credit cards (which is possibly why many like Webervations is removing the ability to access the three digit code - they allow it in the beta version which some have but they told me that they will be removing it soon from the beta system as well)
So, the question which was posed to me is before I switch to anyone, to find out if they have upgraded to the new requirements, or have they just not removed the abiltiy to temporarily capture the number for the user to process then delete it.
So I'm still checking....
Riki
.
I haven't gone back to check but I was able to turn off the requirement that the guest enter the code to make a rez. I don't know if I can turn it back on or not. With all the flap about storing them, I'd prefer not to. That's in SuperInn. OK, I just looked and I can require the code but there is a big warning that it is not legal to store that code. So, if I had to have the code for deposits (which I don't), I could require it and then delete it once I processed the deposit. There is a separate 'delete' button to purge all the codes and another to purge all the cc numbers. (I have the cc info set to purge automatically.)
I do know that I made a rez using AvailabilityOnline back in Jan and the code field was required. I don't know if that system has the option to turn off the requirement and the particular B&B just didn't do it.
.
Morticia said:
I haven't gone back to check but I was able to turn off the requirement that the guest enter the code to make a rez. I don't know if I can turn it back on or not. With all the flap about storing them, I'd prefer not to. That's in SuperInn. OK, I just looked and I can require the code but there is a big warning that it is not legal to store that code. So, if I had to have the code for deposits (which I don't), I could require it and then delete it once I processed the deposit. There is a separate 'delete' button to purge all the codes and another to purge all the cc numbers. (I have the cc info set to purge automatically.)
I do know that I made a rez using AvailabilityOnline back in Jan and the code field was required. I don't know if that system has the option to turn off the requirement and the particular B&B just didn't do it.
That's the way that Webervations used to be, and the way their Beta version is which they won't let me switch to. They say they will be removing it sometime this year.
I assume that is the way that Resnexus is operating, which is the system I'll switch to once I have my other rooms up if they are still able to take the number
RIki
 
We are not required to collect that code in order to run the card. You might look at a processor that does not require it.
Or, challenge your processor to make it so that you don't need the code. If you cannot store it, they should not require you get it..
Ditto ,same as Morticia....not required here..Mary in Bridgewater
.
Mary, if you don't mind my asking, who is your processor? So many people recommend Tom that I wonder what they all are doing about this...
RIki
.
Forgot to add, when the c.c. machine ask if the guest is present (deposits) I was told to ALWAYS punch in YES. Never tried to do it otherwise.Mary in Bridgewater.
.
Well the good news is that someone who had previously wanted to book us this weekend checked just for giggles on Friday and saw our suite was available and emailed me, booked it so all was fine.
Now there appears to be two reservation systems that let you use the three digit code - Resnexus and Availabiltyonline.com which is said to be $65 per year.
But what has been pointed out is that it appears the system is getting stricter about processing credit cards (which is possibly why many like Webervations is removing the ability to access the three digit code - they allow it in the beta version which some have but they told me that they will be removing it soon from the beta system as well)
So, the question which was posed to me is before I switch to anyone, to find out if they have upgraded to the new requirements, or have they just not removed the abiltiy to temporarily capture the number for the user to process then delete it.
So I'm still checking....
Riki
.
I haven't gone back to check but I was able to turn off the requirement that the guest enter the code to make a rez. I don't know if I can turn it back on or not. With all the flap about storing them, I'd prefer not to. That's in SuperInn. OK, I just looked and I can require the code but there is a big warning that it is not legal to store that code. So, if I had to have the code for deposits (which I don't), I could require it and then delete it once I processed the deposit. There is a separate 'delete' button to purge all the codes and another to purge all the cc numbers. (I have the cc info set to purge automatically.)
I do know that I made a rez using AvailabilityOnline back in Jan and the code field was required. I don't know if that system has the option to turn off the requirement and the particular B&B just didn't do it.
.
Morticia said:
I haven't gone back to check but I was able to turn off the requirement that the guest enter the code to make a rez. I don't know if I can turn it back on or not. With all the flap about storing them, I'd prefer not to. That's in SuperInn. OK, I just looked and I can require the code but there is a big warning that it is not legal to store that code. So, if I had to have the code for deposits (which I don't), I could require it and then delete it once I processed the deposit. There is a separate 'delete' button to purge all the codes and another to purge all the cc numbers. (I have the cc info set to purge automatically.)
I do know that I made a rez using AvailabilityOnline back in Jan and the code field was required. I don't know if that system has the option to turn off the requirement and the particular B&B just didn't do it.
There really is just no debate on this - any system that even allows for it to be stored for any period of time - period - cannot be in compliance. Even allowing for it to be stored means that it is on someone's system, somewhere. As an innkeeper, if you are using a system that does this - you are going to be liable.
Ultimately I long for a day when 3rd party audits are required for software provider storing credit cards. There is way, way, way too much misinformation out there on this and too many systems that may appear to be "friendly" in what they do, but ultimately may be pose a major problem in the long run.
.
I guess then, that ALL of the entities involved in cc processing must some day speak to each other. The cc companies have stated no one may store the code. And yet, how many PROCESSORS are requiring that the code be entered? At some point, if the code must be entered, the code has to be in the possession, however temporarily, of the seller of the goods, no matter what those goods are. (And that info can be stolen no matter how large or small the company is.)
Of course none of us want to be responsible for losing anyone's cc info, but we can only do what is required from us by the companies processing the cc. And getting out of a cc processor's contract is not by any means easy or cheap, at least not mine. So, I'm happy mine doesn't require the code for processing deposits or sales of GC's.
Although it is important that our booking systems are compliant with the laws of the land, we still have to get paid for the work we do. So, the bigger issue is getting the processors to be compliant. If this whole cc info storage thing continues on in this vein, I may just decide to stop taking cc info at all and require all guests to mail a check.
.
Morticia said:
I guess then, that ALL of the entities involved in cc processing must some day speak to each other. The cc companies have stated no one may store the code. And yet, how many PROCESSORS are requiring that the code be entered? At some point, if the code must be entered, the code has to be in the possession, however temporarily, of the seller of the goods, no matter what those goods are. (And that info can be stolen no matter how large or small the company is.)
Of course none of us want to be responsible for losing anyone's cc info, but we can only do what is required from us by the companies processing the cc. And getting out of a cc processor's contract is not by any means easy or cheap, at least not mine. So, I'm happy mine doesn't require the code for processing deposits or sales of GC's.
Although it is important that our booking systems are compliant with the laws of the land, we still have to get paid for the work we do. So, the bigger issue is getting the processors to be compliant. If this whole cc info storage thing continues on in this vein, I may just decide to stop taking cc info at all and require all guests to mail a check.
I guess it all depends on your perspective. All of the entities have been speaking to each other for a long, long time. Companies like Micros have been doing integrated credit card processing since the late 80's or early 90's. The problem is that solutions like Micros have not been affordable for innkeepers, and affordable integrated solutions have only popped-up in the last 5-10 years.
A big part of the issue is that since those solutions were not affordable even in the late 90's, many software companies essentially short-circuited the system to save money. Rather than build true credit card integration that works the way ecommerce is supposed to (i.e. never storing CVV but processing the transaction immediately), they just built simple html forms to capture credit cards, put them into a database, and then let merchants hand enter them. This was not only done in our industry btw - it is widespread across all types of merchants. Instead of creating an ecommerce product, they just created something easy that can piggyback on the existing old terminal-style processing that could be sold for a low cost to merchants at very high margins.
When done properly - an ecommerce system can easily capture the CVV for the transaction and not store it. If you are on the phone, you can easily ask for it if your processor requires it, and if someone is at property - you should be swiping to prove they were there. But of course all of that takes time and money, and often end customers would rather pay as little as possible for a system than pay for one that has been set up correctly. Since there are systems out there that still offer a way to do this without really having the proper back-end, of course issues like this are going to come up.
It is like a lot of things in life... a tradeoff. If you have a leaky toilet, you can hire a licensed plumber to fix it, or you can have an unlicensed handyman do it. Same goes for getting your car fixed - you can change your brakes at midas or you can do it yourself. Ultimately it is a tradeoff and you have to pick what you want to risk, and what you want to do by the book. I personally fix my own toilet when it leaks, but I take my car in to get the brake pads replaced (even though i've done it once myself). I can completely understand why folks use systems that are not setup with true credit card gateways - it is a cost savings - so the cost savings might outweigh the risks and that is a tradeoff many people make. Something everyone needs to judge for themselves. I personally wouldn't risk it given all the enormous issues out there, but that is just my opinion and my tradeoff may not be the same one anyone else makes.
 

Latest posts

Back
Top