The Hotel Electronic Distribution Network Association (HEDNA) explains this further:

 

HEDNA has created a sub-committee whose target is to achieve a standard for the hotel industry in regard to credit card verification and validation that you can pass on to hotel customers.

 

To recap: the CVV2 is equal to the signature of guest and legally no entity can store the CVV2 in any database. When passed, the CVV2 information has to be used for credit card validation and payment; it can't be stored for future payment.

 

This means for us that no CRS, PMS or any third party database (such as GDS) can store the CVV2 number. Legally spoken, interfaces are allowed to pass that information, but we are not allowed to store this piece of information anywhere.

 

As hotels do need to complete transactions in case of no-shows and cancellations, VISA, MasterCard and American Express have been consulted by HEDNA on what the hotels can and should do. Their confirmation is that CVV2 is not required to process no-shows and cancellations, see statement below. Visa provided already documentation about it; HEDNA is following-up with MasterCard and American Express to get their best practices in writing.

 

So, if any hotel customers are facing challenges in getting no-shows charged because the issuer/credit company is requiring the CVV2, please ask them to send their specific case to HEDNA. www.hedna.org