Booking.com and Credit Card Fraud (opens in new tab)

(vladfr.github.io)

2 pointsvladfr11y ago7 comments

7 comments

Booking.com uses an agency model with hotels and doesn't handle any payment from the user. They basically get a commission once your stay is completed. What this means is that they pass on your information to the hotel so that they handle billing/charging, etc.

This is in contrast to most OTAs in the US that are on a merchant model where they charge your credit card and have a pre-agreed upon net rate they pay for rooms to the hotel. This means the hotel has no idea what your credit card is or how you paid, just that a paid reservation with their partner was made.

This isn't very different than calling up a hotel and providing your credit card number and CVV / Expiration date on the phone to make a reservation. Only difference is that they sent it electronically.

vladfrOP11y ago

Thanks for the details, indeed I'm finding out that it makes some sense from their perspective.

Still, there's no notice of Booking.com sharing your data. The fact that hotels print it out and leave it at the reception is again another problem, though not entirely Booking's fault.

I still wonder why they chose to work like this, seeing as it's so easy to implement an authorization process without sharing card data.

I see that they're starting to shy away from requiring card details, which is a good thing.

vladfrOP11y ago

One more thing: they are sharing my personal data without my consent - in this regard, it is very different than me providing my card data over the phone.

calbear8111y ago

They do have to share your personal data to the fulfilling agent just like you have to share your personal data to book a flight. The hotel has to have your information to complete the reservation and I'm sure it's buried somewhere in the terms and conditions.

1 more reply

josuegio11y ago

Hi Guys, recently i suffered a credit card fraud traveling to Innsbruck in Austria or to a little village in Germany close to Fussen. I was almost sure that was thanks to Booking.

vladfrOP11y ago

There would be no way of telling - someone might've just found your cc data some other way - but yeah, knowing that it's out there is scary. I'm still checking my balance every day.

j / k navigate · click thread line to collapse

7 comments

calbear8111y ago

vladfrOP11y ago

Thanks for the details, indeed I'm finding out that it makes some sense from their perspective.

Still, there's no notice of Booking.com sharing your data. The fact that hotels print it out and leave it at the reception is again another problem, though not entirely Booking's fault.

I still wonder why they chose to work like this, seeing as it's so easy to implement an authorization process without sharing card data.

I see that they're starting to shy away from requiring card details, which is a good thing.

vladfrOP11y ago

One more thing: they are sharing my personal data without my consent - in this regard, it is very different than me providing my card data over the phone.

calbear8111y ago

1 more reply

josuegio11y ago

Hi Guys, recently i suffered a credit card fraud traveling to Innsbruck in Austria or to a little village in Germany close to Fussen. I was almost sure that was thanks to Booking.

vladfrOP11y ago

There would be no way of telling - someone might've just found your cc data some other way - but yeah, knowing that it's out there is scary. I'm still checking my balance every day.

j / k navigate · click thread line to collapse