Hotel Concepts Achieves Cardholder Information Security Program (CISP) Validation

  • Itesso, an Amadeus Company
  • 03.14.08
Hotel Concepts, a leading global provider of property management/CRS technology solutions, announced that they have become one of the first property management system (PMS) vendors to achieve Cardholder Information Security Program (CISP) validation, following the recommendations of the Payment Application Best Practices (PABP) program.

By following PABP, Hotel Concepts PMS is capable of delivering secure payment applications; minimizing the potential for security breaches that could lead to compromises of credit card information and preventing damaging fraud.

Led by Coalfire Systems, Inc., a Colorado-based certified PABP assessor, the verification process assists software vendors in creating PABP-compliant applications that help merchants mitigate compromises, prevent storage of prohibited data, and support overall compliance with Payment Card Industry Data Security Standards (PCI DSS).  Conversely, merchants using payment applications that store prohibited data have inherent security weaknesses, and will not be compliant with the PCI DSS, leaving them at high risk.

Beginning January 1, 2008, Visa began the implementation of mandates, eliminating the use of vulnerable payment applications from the Visa payment platform. The Visa U.S.A. Inc. Operating Regulations mandate acquirers comply and ensure their merchants comply with the requirements of CISP.

“Achieving PABP verification for our IDPMS suite of hospitality software allows us to help our clients achieve CISP compliance and provide a non-vulnerable, secure payment application for our product,” said Erik Weller, COO for Hotel Concepts. “Merchants must begin to address PCI compliance as a requirement for business. By choosing Hotel Concepts as their IDPMS vendor, hotels can now comply with that requirement and take the best possible approach to eliminating the vulnerability of cardholder data. I am proud we are one of the few validated companies that is able to address this need for our clients.”

The Hotel Concepts PMS system meets all of the 14 recommendations requiring the protection and security of private financial data and credit card information, including encryption, access control, physical security and operational audits. The PABP program requires annual confirmation of validation, ensuring Hotel Concepts’ ongoing commitment to deliver secure applications and helping merchants comply with CISP.

"Hotel Concepts’ IDPMS v3.12 recently was PABP validated by Coalfire Systems, Inc., a Payment Card Industry (PCI) Qualified Payment Application Security Company (QPASC),” said Ryan McGowan, security account manager for Coalfire Systems. “This validation signifies Hotel Concepts’ commitment to data security and will assist HC clients currently running IDPMS v3.12 in achieving compliance with the PCI Data Security Standard (PCI DSS)."

Related Articles
want to read more articles like this?

want to read more articles like this?

Sign up to receive our twice-a-month Watercooler and Siegel Sez Newsletters and never miss another article or news story.