Credit card fraud has become a persistent issue in the hospitality industry, criminals are constantly developing new schemes, while security experts are trying to counter them. The current global pandemic has negatively affected the hotels and led many of them to abandon certain verification practices in order to attract more clients. This situation has presented scammers with new opportunities to take advantage of the imperfect systems and inevitably caused credit card fraud cases to increase. Nowadays, it is vital for both industry shareholders and stakeholders to recognize that this problem exists and work together to eradicate it or, at least, minimize its impact. Hotels can follow three steps that will reduce the risk of credit card fraud, these include: requesting clients to show their IDs and cards, being compliant with the PCI guidelines and the EMV standard.
Requesting clients’ IDs and cards
It is extremely important for every hospitality services provider to ask their clients to show their credit card and identification documents in person. This helps the hotel employees make sure that the card was not stolen or the ID was not forged. Guests often may request to use their card, which the hotel already has in their database, but despite this approach being efficient and less demanding, it is still not recommended. For example, “fraudsters can use stolen credentials to log in to a customer’s account and book a hotel room with a card on file or by using loyalty points” (Carlino). Such situations must always alarm the hotel managers and become the pretext for ensuring that the customer’s ID and card information match. In the card-not-present events, the risk of fraudulent activity increases since when people make a reservation online, there are usually no requirements for the customer to be the cardholder. Thus, it is essential to verify the client’s identity, comparing it with the credit card information, on their arrival.
Adhering to the PCI guidelines
As it was mentioned earlier, nowadays, people tend to book rooms online, which creates certain conditions for criminal activity. Nevertheless, educating the personnel on the subject of IT security can help reduce the instances of credit card fraud attempts and ensure the organization’s success. Therefore, hotel managers and staff must always be acquainted with the current state-of-the-art technologies and follow the latest guidelines on preventing credit card fraud. One of the most effective programs which assists hotels in maintaining their systems protected from external infiltration is the Payment Card Industry Data Security Standard (PCI-DSS). This is a set of requirements which an organization can rely upon to guarantee that the customers’ credit card information is transmitted securely. It implies installing specific software, updating passwords, maintain firewalls, giving each employee their personal IDs, tracking “all access to network resources and cardholder data” (Introduction to PCI Compliance). Following these guidelines will help hotels prevent major credit card frauds and thefts, as well as security breaches, for example, by requesting the customer to go through a two-factor authentication, requiring an SMS verification code.
Complying with the EMV standard
In the past, credit cards used magnetic stripes, which were prone to fraud, since they did not have reliable protection and could be copied by criminals. In 2010, Europay, Master, and VISA (EMV) introduced a new security standard for credit cards, replacing the stripe with a chip, which generated a new code for every transaction. This has helped significantly decrease the number of fraud instances in the card-present situations and ensured that counterfeit cards would not be recognized as eligible for use. Yet, for the technology to work properly, companies have to install EMV terminals and receive certain certifications. It is essential for all hotels that are concerned with the problem of chargebacks and card fraud to implement this standard. According to the EMV rules, if a merchant does not have an EMV terminal, they become liable for the fraudulent activities, which puts at risk the financial stability of the enterprise (5 Reasons Why). Moreover, the EMV systems can automatically detect the cards which were stolen or duplicated by scammers, this gives hotels an opportunity to prevent fraud and decline services to potential criminals.
Credit card fraud has been one of the most pervasive problems of the past decades for hotels, resulting in financial losses and reputational damage. Yet, today, there are numerous ways companies may employ to counteract scammers and take preventive measures in order to keep their systems intact. An effective step a hotel can follow is to always check whether their clients have matching IDs and credit card information, this rule is simple in its implementation and does not require any extra resources. Another important guideline is to make the hotel compliant with the PCI framework, the requirements it outlines can help ensure that the organization’s IT infrastructure will be able to detect fraudulent activities in advance. Last but not least, hotels should adhere to the EMV standard, namely, instal the terminals that work with the modern chip-based cards, which will automatically verify if the customers’ cards are being used for fraud. Thus, by following these rules, hotels can significantly reduce the risk of credit card fraud and provide excellent services for their guests.
Carlino, Nicole. “How Hotels Can Mitigate Their Fraud Risk.” Hotel Business, 21 Jun. 2018, Date of Publication in Day Month Year format, Web.
“Introduction to PCI Compliance – 12 Rules Every Hotel Lives by.” Advanced Hospitality Technologies, 2019, Web.
“5 Reasons Why EMV Technology Should Be Implemented at Your Hotel.” Jonas Chorum, 2019, Web.