- Top Industries
- Resource Center
Tablet Hotels is the official hotel-selection of the Michelin Guide, celebrated for giving its users the ability to quickly and easily book the world’s most exciting hotels. As a next-generation booking platform for luxury and boutique hotels, Tablet works closely with online travel agencies and channel managers to make reservations and exchange cardholder data.
In order to reduce risk and simplify compliance, Tablet wanted to find a way to remove cardholder data from its environment, but it still needed to be able to easily and securely transmit that data to channel managers, OTAs, and PSPs without bringing it back into their internal systems.
"That was the killer point: How do we get customer credit cards out of our networks?" Tablet Hotels Head of Engineering Henry Mendez Jr. said.
To solve this problem, TokenEx captured and tokenized incoming cardholder data before it entered Tablet's systems and then securely transmitted that data to Tablet's ecosystem of third-party partners, enabling the hotel curator to operate securely without incurring unnecessary risk or cost.
Tablet leveraged the TokenEx platform's unique ability to collect and transfer sensitive data without ingesting it in its unprotected form.
TokenEx’s platform fit our problem perfectly. It’s been beneficial for reducing risk and showing our parent company, Michelin, that security is one of our top priorities, and then it also has the backend flexibility we need to transfer data to our partners without bringing PCI into our networks. It was essentially a no-brainer.
As a result of working with TokenEx, Tablet instantly reduced its PCI footprint while enabling the flexibility it needed to preserve its existing operations—saving tens of thousands in development costs and virtually eliminating the potential impact of a breach. Additionally, it simplified the typically painstaking process of PCI assessments.
"We haven’t been dinged for any security risks through our credit card handling process," Mendez said. "All of our OTAs require an attestation of PCI compliance, and with TokenEx, it's never been questioned."