Every few weeks, I hear the same thing from hoteliers:
“I’d love automated payment processing… but I don’t want to be locked into one payment provider.”
On paper, that makes perfect sense. Who doesn’t want flexibility? But the truth is: In the real world, that “flexibility” comes wrapped in a thick layer of compliance, complexity, and cost that most hotels don’t want to deal with.
So let’s have a look at the unglamorous truth no one really wants to talk about.
The compliance minefield (a.k.a. Why this isn’t as simple as plug and play)
PCI DSS
The Payment Card Industry Data Security Standard isn’t just a form you fill out once and forget. It’s an ongoing, ever-evolving set of rules designed to keep cardholder data secure. The requirements are strict. Very strict. Like the proper English boarding school head mistress from my childhood, kind of strict. And they change often enough to make sure you never get too comfortable.
SCA under PSD2
In Europe, Strong Customer Authentication adds another layer of complexity to certain online payments. Done right, it’s seamless for guests. Done wrong, it’s a booking drop-off nightmare that makes your revenue manager’s eye twitch.
GDPR
Card data is personal data. That means the General Data Protection Regulation applies, with its own hefty penalties for getting it wrong. And we’re talking about the kind of fines that make you wish you’d just gone back to accepting goats as payment. Because believe me, the vet bill will be cheaper.
And then there’s the integration process itself.
Connecting a PMS to a payment provider at the level needed for automated payment workflows isn’t something you knock out over a long weekend. It’s one of the most complex integrations on both the front and back end. It takes months to build, then constant effort to keep it compliant and secure, with 24/7 monitoring, certifications, and enough system surveillance to rival a top-level intelligence agency. Every bug, glitch, or compliance slip can also cost a small fortune, and the scheme industry penalties for non-compliance are, let’s just say, not something you want to experience.
And by all means, the entire process isn’t cheap either. In some cases, it can cost more than putting a high-end espresso machine in every guest room and hiring a personal barista named Antonio to go with it. If you want to upgrade that to a gorgeous Antonio who can also create breathtaking milk-foam latte art, well, at that point you might as well file for bankruptcy.
The hidden truth: Not all payment providers qualify
But let’s be real: Even if you wanted multiple payment providers, a lot of them can’t actually meet the requirements for deep PMS integration.
Some don’t support secure tokenisation, which is essential if you want to store a card on file safely for no-shows, upsells, or post-departure charges. Others don’t offer true omni-channel capabilities with SCA-ready APIs. Or, in plain human English without the tech jargon, that means using the same token and API whether the payment happens online, at the front desk, or later as a merchant-initiated transaction.
And then there’s reconciliation… or lack of it. In hospitality, matching the payments registered through your booking engine, channels, and PMS with the actual payments processed by your provider is already tricky. Add multiple merchant accounts to the mix and it becomes a full-time sanity test. The right API could trace every payment from request to payout and even match the deducted processing fees, but very few providers offer that. Those who do usually make it much easier if you go through a platform solution where the PMS is also a co-provider of the payment service.
So while “pick any provider you like” sounds nice in theory, in practice it’s like saying you can enter the Monaco Grand Prix with any car and then showing up in a shopping trolley. Spoiler: you won’t be taking home the trophy.
The case for a preferred partner
This is why many PMS providers (including us) choose to work with a single or carefully selected payment partner.
It’s not about limiting your options for the sake of it. It’s about:
- Speed to automation and compliance – no endless wait before you can start
- Lower operational risk – security and compliance are handled by specialists
- Predictable costs – no surprise invoices because something changed mid-integration
- Fewer moving parts – which means fewer things to go wrong in the middle of your busiest season, because let’s be honest, that’s when they always go wrong
- Single point of support – one go-to partner for both commercial and go-live matters, so you’re not stuck juggling multiple contacts. No finger-pointing between vendors, no endless email chains or thousand support tickets, and no waiting ten weeks for something that should have been fixed in ten minutes
For most small and medium-sized hotels, this approach just makes sense. It lets you focus on your guests instead of running a multi-year compliance project while guessing which regulation is going to pop up next like an uninvited guest at a wedding.
Yes, there’s a preferred route… but there is still flexibility
That said: We recommend the preferred route because it works best for the majority of hotels. But if you’ve got the internal capacity or the transaction volume to make managing multiple vendors worthwhile, and the kind of volume that lets you negotiate favourable rates, with us, you’ve got options.
You can:
- Work with one of our other integrated payment partners
- Or build your own connection using our Payment API
This route isn’t the most practical for smaller operations, but for larger organisations or those with strong internal IT capabilities, it can be the right choice. Just know it comes with its own set of headaches. Yes, exactly those kinds of headaches that make you question your career choices at 2am.
The bigger picture
So next time you hear that a PMS “forces” hotels to work with a single payment partner, look past the surface.
It’s not about restricting you.
It’s about making sure the entire payments machine, from compliance and automation to guest experience, runs as smoothly as possible without turning your finance team into a full-time regulatory task force. And trust me, coming from the hospitality industry in a country like Germany, that basically means Game Over.
But if you are one of the rare hotels that can handle the added complexity and see value in managing multiple vendors, the flexibility is there.
For everyone else, the preferred route exists for a reason.
It works. It saves you time, money and sleepless nights. It keeps your focus where it should be: on guests, not guesswork. And let’s face it, it’s far more enjoyable than spending your spare time learning the ins and outs of PCI compliance… unless, of course, you collect acronyms like other people collect fridge magnets. In that case, knock yourself out. But if you’re not a magnet-hoarding acronym addict, one trusted partner will do just fine!
