Card payments can be taken in a number of ways:
An online card payment from your customer at the time of booking, this is known as an e-commerce payment (Ecom for short).
You can also take a payment yourself using the card details, this is called a MOTO payment which is short for "Mail Order Telephone Order" (MOTO).
To take a payment yourself select the booking in the Diary and then click FabPay.
a) You take a payment by clicking the (Card Payment) button and completing the steps, you will need the card details.
Once a payment is taken you will have a "token" that you can (USE) later to take repeat payments i.e. taking the balance for a booking (See FAQ - What is a token).
b) If you have already taken a payment you will have a token. You can (USE) the token to take a payment from the card. The token will look something like this –
simply click on the (USE) button to take a payment.
To take a payment from a token select the (USE) button. It will look a bit like this:
A token is created so that you can keep the card details in a secure PCI compliant way.
You will have a token if:
a) You have already taken a payment from a card
b) You have previously created a token.
If you are using freetobook's channel manager some travel websites (i.e. Booking.com) will send customer card details in a tokenised format. You can find these tokens by clicking on the booking in your Diary and selecting the FabPay Tab.
To take a payment from the token of a channel booking simply click the (USE) button at the end of the line the token is on.
The time it takes for a payment to arrive in your bank account depends on your merchant provider, you will need to check with them. Typically is its 4-5 working days plus a day for SagePay to handle the payment process.
A token is a secure and safe way to keep customer card details in the SagePay vault. Tokens are the most secure method of card handling and fully PCI compliant.
Tokens look a bit like this:
xxxx xxxx xxxx 1234 exp 12/17
Your customer's card details are always created in SagePay using their secure page, so you can be assured of PCI level 1 compliance. Once you have a token of a card you can USE it to take a payment from that card into your bank.
When you take a payment from a customer's card a token is automatically created. When your customer makes an online payment for a booking a token is created (verified token), and if you type the payment in yourself a token is also created (unverifed token).
It is also possible to create a token without taking a payment, some properties might do this if they want to hold the card details as a guarantee but don't want to take any advance payment. You decide these settings in your FabPay account depending on your policy.
Most properties will use tokens to take repeat payments.
Once you have the token just select the (USE) button to take a payment from the card. It's ideal where your policy is to take a deposit. To charge the balance later you simply click the (USE) button.
Other properties might use tokens to take a payment in the event of a no-show; the token is a way of securely keeping the card details. FabPay is completely flexible to your policy and your business requirements.
Verified tokens are better for online payment because they are authenticated via 3D secure which attempts to verify the customer with a password and reduce your risk further. This will normally also mean lower transaction charges from your merchant provider and no need to get the CV2 (the 3 digit number on the back of the card) for repeat payments. Verified tokens can only be used to take payments to 115% of the booking value. Once this amount is reached the verified token is replaced by an unverified token if there is a valid one. Further payments can be taken, however the CV2 will be required or will need to be switched off, this may increase your charges with your merchant provider.
Unverified and verified tokens have different times to live. When a verified token expires it will be replaced by an unverified token if the unverified one lasts longer. When both expire neither can be used for payment and new card details need to be attained. Once a token expires it cannot be used.
The extra checks made with a verified token will let you know how valid the card is. In the case of online tokenisation (where your customer enters their own card details online) it will also allow you to take 3D secure payments which can have liability shift making it impossible for the card holder to deny making the transaction.
Verified and Unverified tokens have different validity lengths. When a verified token expires it will be replaced by an unverified token if the Unverified one lasts longer.
Verified tokens are valid for 90 days or until the card expiry date whichever is shorter.
Unverified tokens are valid until the expiry date on the card.
Both token types are deleted 7 days after the departure day of the booking or if the booking is cancelled then 7 days after the date of cancellation.
When tokens expire or are deleted they cannot be used for payment and new card details need to be attained if further payment is required.
Yes, we show you the level of your credits at all times and you can top them up at anytime. If they get low we will trigger an email warning so that you can add credits before they run out.
Without sufficient credits you can not take payments. No card details can be captured from your customers if you do not have enough credits. You must ensure you always have sufficient credits by increasing them when they get low.