Keep your guest and property data secure
Prevent cyberattacks, avoid data breaches and increase guest loyalty with enterprise-grade security features. At Mews, our ongoing commitment to data privacy and security is embedded in every part of our business.
Microsoft partnership
Mews builds on strong security guarantees and SLAs from Microsoft.
Compliance
Industry certifications ISO 27001, PCI-DSS Level 1, SOC 2 Type 2 and GDPR compliant.
Data privacy
We go beyond basic GDPR requirements and give guests control over their personal data.
Disaster recovery
Four levels of database backup keep your guest and property data covered.
When more people are granted access to sensitive data, the risk goes up. Stay secure as you scale with our Identity Access Management features which simplify user management across multiple properties and devices.
Single Sign On
SCIM user provisioning and deprovisioning
Two-factor authentication
Our built-in security features, ongoing monitoring and automated threat responses keep you and your guests protected.
Automatic updates
99.9% uptime
Along with the security guarantees and SLAs from Microsoft and utilization of their multi-geography data centers, having a cloud-based (and native) platform minimizes the surface exposed to potential attacks. If an attack were to occur, automatic and continuous data backup allow for rapid restoration.
To bolster system security, parts of our system continuously undergo penetration testing by a third party, looking for risks or weaknesses in the security, before they can be hacked. Additionally, we have established a Bug Bounty Program to leverage a community of ethical hackers for continual testing and disclosures. We also go through audits, certifications, due diligence processes and pen tests.
To give you and your guests peace of mind, Mews meets industry standards and best practices in safeguarding sensitive data – we are GDPR, ISO27001, NF525, PCI DSS and SOC 2 Type 2 compliant. Our policies and processes are designed to meet the stringent standards of security and privacy certifications, prioritizing your privacy and data security at every step.
Embedded into the platform, Mews Payments is fully compliant with global industry standards to safeguard cardholder data security.
Tokenization
To protect guest payment details, they are tokenized and then safely stored to limit the cardholder data in the environment. For extra protection some regions or property settings may need to verify identity with 3D Secure or 2-factor authentications.
P2PE
Point-to-Point Encryption (P2PE) is a way to keep cardholders’ information safe by encrypting it from the start to the end of the transaction. Mews Terminals use P2PE to make sure card data is secure.
PCI DSS
Payment Card Industry Data Security Standard (PCI DSS) is a global set of rules designed to protect account data. Our rigorous adherence is reflected in our certified track record, ensuring that the annual independent compliance audit is passed.
PSD2
Payment Service Directive (PSD2) is a set of rules for payment services and providers in the EU and EEA to follow to protect customers. Mews Payments follows these rules and uses 3D Secure to make sure customers are who they say they are.
Four levels of database backup mean we can get your data restored and back to you – with no loss of information.
Local high availability cluster
Two identical replicas of the database are stored so that we can retrieve the second one in the case of an incident.
Point in time restore
If needed, we’re able to restore a complete database to a particular point in time – even up to 35 days back.
Daily snapshots
Every day, we take a snapshot of the primary database using the point-in-time restore capability to another backup server.
Guests can manage their personal data, request profile deletion and select which data can be shared with the property.
Make it remarkable.
Ready to take the first step towards a more efficient, flexible, guest-centric approach to hospitality?
.webp)