Trust & compliance
Compliance posture across the booking payment lifecycle
One audited environment plus scheme capture-window rules per vertical (card-present,
lodging, vehicle rental, ticketing). Sub-merchants inherit the posture across every
booking surface.
- PCI DSS Level 1
- Card data captures into the platform vault before any connected acquirer sees it; sub-merchants inherit the posture across every booking surface.
- Scheme capture rules
- Visa and Mastercard capture-window rules respected per vertical — card-present, lodging, vehicle rental and ticketing each have their own permitted windows.
- SCA & PSD2
- Selective EMV 3DS2 at the initial booking authorisation; stored-credential captures (no-show, balance) follow scheme rules for the exempt category.
- Refund & dispute controls
- Refunds against the vault token with operator-side justification, reason codes, actor ID and timestamp logged for audit.
- Sanctions & AML alignment
- Sanctions screening on onboarding; AML monitoring tuned per merchant vertical and ticket size.
- Licensed verticals only
- Licensed gaming, regulated financial services and other compliance-bound verticals supported only where current operating licences exist. Grey and black-market verticals are out of scope regardless of booking shape.