Accepting payments worldwide and at all times has many advantages, but chargebacks are without a doubt the most negative consequences of working in the card-not-present space.
In this article, we will dive deep into the most common examples of fraudulent activity in the hospitality industry and look at ways it can be prevented.
Why do buyers request a chargeback in the first place?
The main reasons why a guest would want to process a chargeback are described in this guide:
While merchant error, unauthorized payments, and friendly fraud are easy to identify, clear cases of fraud are a different matter.
How can we know that a guest is legit? How can a fraudster even get someone’s card or passport details so easily?
Let’s look at a representative scenario to see how clear fraud happens so often in the hospitality industry.
How do fraudsters get access to someone’s card details?
Phishing: Phone calls, fake websites, and sales emails.
Malware and spyware: When downloading files from a suspicious source.
Skimming: Card readers at ATMs and anywhere where scammers can place a skimming device.
Data breaches: Stealing card info stored online.
Mews is 100% compliant when it comes to card storage. You can read more about this topic in this guide:
Public Wi-Fi networks: Unsecured public Wi-Fi networks can be dangerous if you enter sensitive information while connected.
The trash, literally: While it may seem old fashioned, criminals can dig through your garbage to find credit card statements, account information, and other information they can use to their advantage.
As you can see, there are many ways for fraudsters to steal sensitive data, without you even knowing that it is happening.
So what happens next? Let’s look at the story below:
Let's say Mr. and Mrs. Smith are a young couple who love to travel around the world, but they can’t always afford it.
So, they decide to buy a credit card and an ID on the dark web, which in the end will be cheaper than paying for a stay in a luxury five-star star hotel.
The minimum price per credit card on the dark market is 70 cents.
The important part here is that the accommodation services should be used within the next few days, in case the real cardholder notices suspicious activity and notifies the bank. It usually takes a few working days for the bank to start investigating the transaction, which is why fraudsters prefer short stays and pay on the day of arrival or at most a few days before the actual stay.
Fraudsters use various sources to book a stay, but most common are via direct emails and phone calls.
All set – they got a card and an ID, and now it's time to make a reservation.
Mr. and Mrs. Smith email the property with the below inquiry:
Looks legit at first glance, but there are several red flags here that hotels need to be aware of.
There is no request for pricing details. They are happy to pay any price.
They request a short-term stay and the inquiry has been sent the same day as the check-in date.
They request to charge the card asap; fraudsters want to know if the payment went through.
The card details are emailed, which is not a secure way of sharing information
But for the receptionist, all the required information has been provided and the card can be charged, so a reservation can be confirmed.
Voila! Mr. And Mrs. Smith had a wonderful stay and are ready to go back home.
What happens next? In the next few weeks or months (depending on the issuing bank) a chargeback claim comes along with the reason of “fraud.”
Another example that happens very often is the so-called “reservation cancellation scam.”
You receive a booking via email, and it is paid for using a credit card. The booking is canceled shortly afterward, and you're asked to refund some or all of the payment by sending the funds via a bank transfer or some other method.
What may be happening here is that you've been given stolen credit card details. However, the scammer is hoping that you will transfer your money into their account before you realize what’s happening.
In cases like this, you should refund the credit card transaction to the actual credit card that was initially used. Otherwise, you'll lose not only the money you billed to the credit card but also the money you sent to the scammer.
What can you do to prevent fraud chargebacks?
Use the clear payment descriptor in Mews
When a cardholder looks at their bank statement, they should immediately recognize the purchase they made. Avoid using parent company names and shorthand that only makes sense to you.
2. Manually review payments
Does the customer’s contact information seem legitimate?
Does the customer’s email address match the name on their card?
Has the customer tried to make other payments that were declined? If each failed attempt is associated with a different card, there is a much greater risk of fraud.
If the customer has made multiple payments (including those that were declined), did they use: a) many different cards to make the payments (more than just a couple); or b) the same card but different addresses?
3. Verify your customer's identity
Regardless of whether a payment seems suspicious, it’s good practice to ask your customers for proof of identity before check-in.
If a payment made in advance (i.e., when the stay was booked) seems suspicious, we recommend contacting the customer directly to verify their details before you confirm the reservation.
4. Refund suspicious payments immediately
If you suspect a payment is fraudulent, refund it as soon as possible to avoid a chargeback later.
5. Make sure your payment and refund policies are clearly presented to customers – and that you can prove it
In case the customer argues about your rate policies or anything else for which they may have been charged, your best defense is to show that the customer accepted the terms and conditions of the rate on the website, and received a confirmation email with clearly stated terms and conditions.
6. Communicate with the customer
Credit cards are usually kept on file and then charged retroactively for additional services or charges, and since the customer may have already left the hotel at this point, they won’t know why they’ve been charged.
What can Mews do to help you?
Make 3DS authentication default
3DS is a very helpful tool for securing yourself when accepting payments over email or by phone. Just enable 3DS then send a payment request and you have 100% protection from fraudulent chargebacks
2. Mews Terminals
Did you know that no chargebacks have been claimed on a Mews terminal transaction since day we launched them?