Overview


There is a set of regulations driven by the credit card industry called PCI-DSS (Payment Card Industry - Data Security Standard) which applies to any business that retains customer credit card data. Seekom is working to comply with these regulations so that your customers' data is more secure and to assist you in meeting your own PCI compliance obligations. Some of them include:


  • Automatic log off for inactive users in iBex Vault

  • Strong (complex) password

  • Passwords must be changed every 90 days

  • Not allowed to store credit card security code (CVV)

There are more PCI related items, but most of them are behind the scenes and deal with how we store/process data. Seekom is PCI-DSS Certified as of January 2015 with registration number 10074849.


Seekom’s iBex Vault enables the capture, storage and management of credit card data and has been designed specifically to meet the requirements of Payment Card Industry (PCI).


After connection to iBex Vault, all your card data will be stored and managed by the Vault and card data will no longer be directly available from iBex. You will need to login to the Vault in order to access card data and links are provided on relevant iBex pages to facilitate this.



Master User


Each iBex Vault account will has it’s own Master User (similar to the Master User in iBex Accommodation which has full system access).


Once your iBex account has been connected to iBex Vault you will receive an email that looks like the following:



The above link in the email will only be valid for 30 minutes.


If the link no longer works then you will need to reset your password. To do this open any booking in iBex and click on the View Credit Card Details button on the Finance tab of the booking.


In the popup window will be a link to reset your password.




Tabs in Your Vault Account



Timezone – Where you would set what timezone you are in


Password – Where you would change your password


Email – Where you can change the email you use to login with


CVV – This controls whether or not the CVV/CCV number will be asked for when adding a credit card to the vault (Master User Controlled Only)


Card Types – Where you can set what credit card types are accepted (Master User Controlled Only)


Properties – This is where you add in your iBex properties (when adding a new property, the Property ID needs to be the iBex Property Id, which can be found under Maintain Property Details).


Terms & Conditions


This is where you can re-read the Terms and Conditions for your Vault account.


Users


This is where you create your users. Please click on the Staff User tab above.


Credit Cards


Find/Add Cards – This is where you search for any card details that have been added or add in new card details. Please clcik on the Search Cards tab above.


Logs – This is where you can see the activity for your account, including your users.



Staff User


When creating a staff user they can be set to have different access options depending on how much you want them to be able to do. A staff user cannot change what access options they have; only the Master User has this control.



Instructions

  • Username – This can be either their first name/last name (could be anything)

  • Email Address – This needs to be unique, so you have to have a different email address for EACH user.

  • Access – This is where you are able to limit what things your users are able to do (you are able to check more than one option for a user)
    View: Users are able to View Credit Card details
    Add: Users are able to Add Credit Card details
    Edit: Users are able to Edit Credit Card details
    Delete: Users are able to Delete Credit Card details
    Itinerary Sale: Users are able to see Itinerary Sale Card details

  • Property Restriction – If you have multiple properties, you are able to select which ones a user can see card details for
    All Properties: Users can see card details for all properties in your Vault account
    Individual Properties (by name): Users are limited to see the card details for the property selected (you are able to check more than one for a user)



Search Cards



Booking Reference


Booking Reference is the iBex booking number.

  • To add or search for credit card details for a specific booking in iBex, you would need the iBex booking reference and you would type it in the search box

Card Reference

Card Reference is the specific Vault reference number for the card details.


  • When you enter card details for a booking, the card will be assigned a Card Reference number

Itinerary Sale


Itinerary Sale is the iBex Sale reference for a multi property booking.

  • To add or search for credit card details for a specific sale booking in iBex, you would need the iBex sale reference and you would type it in the search box

An example of a booking that has no cards attached



An example of a booking that has multiple cards attached




Passwords


More about passwords


How can I set a strong password?


Please click here for more information about how to set strong passwords.


Can I set the Vault password to never expire for an individual user?


PCI-DSS compliance requires that every individual user have a strong password. In addition to a strong password, the user must change their password every 90 days.


How are users notified that their password will expire?


Users see a message whenever they sign in. The message shows when the password has expired and prompt users to change their password. We highly recommend using strong, unique passwords across services.To learn more about choosing secure passwords, check out this Help article.


What are the minimum requirements for a strong password?

  • Must be at least seven characters long
  • Must contain at least one upper case letter
  • Must contain at least one lower case letter
  • Must contain at least one number
  • Must contain at least one special character such as *, $, #, !, ?, ^, or @.
  • Must expire every 90 days
  • Must be different from previous passwords

What if users don’t change their password in time?


Users can still change their password after it has expired. The Update password page displays when they sign in, and they can enter a new password.
However, users are not able to retrieve credit card data unless they've changed the password successfully.


I'm locked out after too many login attempts


After 5 failed attempts to sign in to iBex Vault, you will be temporarily locked out from trying to sign in. When your Vault account is locked, you will not be able to sign in — even with the correct password. If you're locked out of your Vault account please contact our Support Team. In this case, Seekom support sends an email to the account's master user with additional information on how to reset the password.