In this post we summarise the keys to ensure that the entry into force of the PSD2 regulation affects your hotel's operations and profitability as little as possible.
There is a great deal of confusion about the entry into force of the new regulations, and although banks, OTAS and back-office systems have made great efforts, the system is ill-prepared for the change, especially with regard to payment authentication.
First. Talk to the bank and request that no changes are applied to your current operations.
It is common knowledge that the system in general, and the hotel system in particular, is not ready for PSD2 and especially the application of SCA (Strong Customer Authentication).
At GuestPro we estimate that between 20% and 30% of guests have cards that are not ready to operate with 3DSecure or other means of verification, so for the time being we recommend our clients to continue operating as they have been doing so far with their Virtual POS.
Against this background, it is logical to apply a moratorium of at least one and a half years for the entry into force of this regulation. Our advice: don't want to be the first to comply with the regulation; complying with it will cause you much more problems than not complying with it, at least at the beginning.
Even if your bank is PSD2-ready and will put pressure on you, many of your customers' cards are not. Try to hold out as long as you can. There is always time to add more restrictions to your operations, but you may find it impossible to go back if you do it too soon.
Second. Talk to the OTAs and ask them not to apply changes to your current operations.
Despite the moratorium, the major OTAs have already taken the opportunity to announce that they will start charging for stays in advance, charging customers, and remitting virtual cards (VCs) to the hotel.
So far so good, however, this change could mean an increase in costs, but above all, it is not clear how the hotel will receive the payment, as the problem with the SCA will end up being the same with a VC as with the end customer's card, as it has to be authenticated by the cardholder.
Although it has been announced that they are adapting their systems to be able to include the verification code (3DS?) in their XML, the OTAs have given few details of this operation, and we are still far from it becoming a reality, so we suspect that this move by the OTAs responds to other interests, and they are using PSD2 as a pretext to force the change of operating mode to "collect" (prepayment to the OTA) for the majority of their hotels in inventory.
Given this scenario, as in the previous case, our recommendation is to hold off until everything is clearer. Wait for the system to mature and study the change of operation when it is clear how it will be carried out technically and the costs it will entail for the hotel.
Thirdly. Adapt direct sales according to the responses of the bank and the OTAs.
There are four possible scenarios:
A) The bank and the OTAs force us to implement the SCA.
All payments must be guaranteed by SCA. In this scenario it is logical to think that we will only be able to operate with non-refundable rates, however, there are other options, such as requesting payments to the client as cancellation deadlines expire.
At GuestPro we have some clients who use this option, as our platform allows you to automate virtual POS payments with 3DSecure:
- Deposit or prepayment: Payment of a deposit at the time of booking (payment is made online by redirecting the client to the POS at the time of booking. This deposit may be refundable.
- Penalty for cancellation: Payment of a second amount at the end of the cancellation period. The customer receives an email requesting payment of a second instalment, which may be the total amount remaining or another amount established in the policy. If the customer does not make the second payment within the established period, the booking is automatically cancelled.
- No-show: With the implementation of the SCA, no-show penalties are meaningless. No matter how honest our customers are, leaving the initiative to pay on their side is too unpredictable and should be avoided from now on.
B) The bank forces us to implement the SCA but the OTAs allow us to operate as before.
In this case, the bank sets the rules and we will have to adapt all our operations, including the engine and OTAs, to work with SCA.
C) The bank allows us to continue operating as before but the OTAs force us to change to "collect" mode.
In this case we have 2 options: adapt our entire operation, including the engine, or try to take advantage of direct booking, where customers could continue to book without having to advance a deposit or prepayment, which would mean a new unexpected competitive advantage for our direct channel.
D) Neither the bank nor the OTAs are forcing us to change at the moment.
Super. Our recommendation is to wait. Adding restrictions to our policies or problems to our operations would only mean losing competitive advantage over those who can continue to operate with the current, less restrictive, and therefore more attractive entry model for the customer.
GuestPro and PSD2
If you are our client you should know that our systems are fully prepared for the entry into force of PSD2, in the same way that we are designed to work under PCI-DSS "out of the box", we do not conceive any other way of working.
From payment automation, card tokenisation, to sending payment requests via Virtual POS with 3DSecure2 authentication, our entire platform is designed not only to comply with the regulations but also to make it convenient and operationally efficient, thanks to the automation possibilities offered by our solutions.
If you have any questions or would like more information about our platform, please contact us!
