Common Types of Hotel Fraud & Using Automation to Prevent Them

By now, every hotelier has felt the pain of fraud and chargebacks. As attractive targets who have guests demanding to do even more online, the risk continues to grow – but leaning into digitalization is far more your solution than it is your risk. The best defense is being prepared and proactive, and technology can take a lot of that burden off of you.

Before we dive into the benefits of digitalization, let's make sure you understand the risks it protects you from.

Common Types of Hotel Fraud

Criminal Fraud

Criminal fraud is very common. This is when a purchase is made with a stolen credit card and therefore the authorization never should’ve been made in the first place. The cardholder’s going to flag the fraudulent charge and dispute the case, and that’ll result in the card being closed and a new account number being issued.

Card Testing Fraud

Card testing fraud is when a fraudster purchases a stolen credit card via the dark web and begins testing it with authorizations to see if the card still works. In the case of hotels, they book several different rooms to see if they go through, and when they realize the card goes through, they can then use it to make much larger purchases. This is harmful because not only does it limit the amount of rooms shown available to true customers, but hotels also pay for the authorization charges.

Account Takeover Fraud

Account takeover fraud is when you have sophisticated bots or fraudsters themselves go through hundreds and thousands of different credentials in hopes that they’re able to crack the code on accounts to drain loyalty points, make unwanted purchases, or steal other card numbers that are on that file.

Card-Not-Present (CNP) Fraud

CNP fraud is any type of fraud that takes place when the card is not physically present – most commonly online but also via mail and over the phone.

Friendly Fraud

Friendly fraud is when a person unknowingly commits fraud by asking for a chargeback from their credit card company or bank after a transaction has taken place. It’s generally associated with those that don’t realize they purchased something, forgot that they purchased something, or when they didn’t understand what they were agreeing to pay for. Ultimately, requesting a chargeback is genuine.

Chargeback Fraud

Chargeback fraud is when someone knowingly purchases a product or service with the full intention to file a chargeback through the bank or credit card company, goal being to keep the product or service and be reimbursed for it. Due to friendly fraud, it’s hard to combat.

Why Hotels Are Attractive Targets for Fraud

1. Particularly for U.S. merchants, mandated card verification and acceptance policies are limited, resulting in hotels deciding themselves how to manage the process with little education on how to effectively protect themselves.
   
   
2. The lack of standardization has also allowed hotels to keep managing credit card authorizations and payments with paper-based processes, such as PDFs to print, scan or fax back. This makes it easier for personal information to be stolen and increases the administrative burden of verifying cards and detecting risk, so staff may put process at the wayside as they juggle all the tasks they’re responsible for.
   
   
3. Paper-based processes, combined with the increasing demand for contactless experiences, leaves a big gap for fraudsters to fill. It’s not enough to simply make digital solutions available. It’s important to closely evaluate which solutions you’re bringing in house and ensure they meet top security and payment verification standards, plus ensure your staff is trained to used them effectively.
   
   
4. With an increase in technology use, it’s easy to build an unwieldly tech stack. If your systems don’t work together, you’re creating inefficiencies and insecurities in the handoffs between them, once again creating a gap for fraudsters to fill.
   
    

Digitalization & Automation: Friend Not Foe in Hotel Fraud & Chargeback Prevention

Hotel fraud hurt your revenue, consume your valuable time, and can even turn a loyal guest into a detractor.​ Technology can help you reduce this wasted time by reducing chargebacks altogether. Going digital lets you take advantage of the best security and fraud prevention measures and makes it easy to stay compliant.

For example, did you know if you’re still using paper authorization forms, you’re out of compliance with PCI DSS and susceptible to penalty fees? These standards exist to ensure your guest's payment information stays safe, and technology comes built with best practices like tokenization, which protects sensitive data by replacing it with non-sensitive data.​

> Read Our PCI Compliance Guide

Lesser known in the U.S., 3-D Secure is two-factor authentication for cards. If successfully verified, chargeback liability is shifted from the merchant to the card issuer, preventing fraud-based chargebacks. We recently learned that an account reduced chargebacks from 586 to 65, translating to a $137,900 savings in one year by using 3DS.

> Read Our 3DS Guide

AVS compares the billing address used in a credit card transaction against the cardholder’s billing address that’s on file with their bank. You’ll receive a response code indicating how closely the addresses match. Partial or no match flags to you that the cardholder is worth contacting.​

> Read Our AVS Guide

In the case of Sertifi's authorization solution, every card that gets submitted with our authorizations solution is instantly verified against 100+ criteria. You receive a fraud risk score to determine if the card is safe to proceed with or flag potentially fraudulent activity. You can then proactively follow up with your guest to ensure the card is in their possession and it's OK to proceed, rather than waiting for them to notice a fraudulent charge and immediately contacting their card issuer for a chargeback. So, in the case of using Sertifi, a digital and secure platform, a yearly $1k license can result in thousands of savings in chargebacks.