To preserve the security of your customer's data, we urge you to NOT store their credit card information within YouLi - we integrate with Payment Gateways that can do this securely for you.
Some things to be aware of:
If you accept credit or debit cards, PCI Security Standards apply to you. Even if your customers ask you to store their credit card data, you shouldn't.
Both Stripe and Square are PCI-compliant payment processors. They have specialized security controls to secure customers’ data, and therefore you lessen the risks involved in storing credit card data. This is why we utilize these payment processors for traveler bookings!
- Auto-charge is a feature to re-use securely stored credit cards to pay on an instalment plan.
NEVER collect credit card information using a text field (any field in the tasks forms). Fun Fact: Even an encrypted text field doesn’t comply with PCI standards. So ALWAYS use a credit card-specific field.
You should NOT store credit card information in a planner note, form builder, a spreadsheet, database or on a piece of paper. None of these options are safe, nor are they PCI-compliant.
Convenience vs. Security
We understand that the travel industry has operated by sharing credit card information in a more casual way, which is why we wrote this article.
As a platform, we take our responsibility as your data stewards to help you be safe and keep the data of your customers safe. No matter how much it seems like the convenience of writing down their credit card outweighs the risk of capturing this information in a way that can be stolen - IT NEVER IS!
Your customer might be annoyed they have to click to a form and enter their credit card information right now - but they would be even angrier if a data breach caused them to have their identity stolen and fraudulent charges made.
If your team is struggling to find a way to service your clients without storing credit card numbers outside of a payment gateway (Stripe, Square, etc), please be in touch with our team and we can discuss your digital transformation to a more secure business process.