As outlined in our previous article, data security is essential to a hotel’s reputation and revenue. It protects you from cyber attacks that cause lasting harm to your reputation, incur compensatory damage, and increase your labor costs. We focus on security to keep you well-informed and prepared for potential risks.
In the previous article, we discussed the importance of securing card-not-present (CNP) transactions so that important financial data is not visible to employees or potential bad actors. Below, we outline the additional protections that our payment platform, TransForm, features to help secure your hotel’s reputation and revenue.
Two Types of Fraud
It’s important to differentiate between the two types of fraud from which you need protection. There’s traditional fraud – when a bad actor steals a credit card and makes a fraudulent purchase. And there is also “friendly fraud” – when a customer disputes a legitimate charge after the good or service has been provided, claiming it was not received or used, and seeks an illegitimate refund.
Fraud-Prevention Features in TransForm
Card-not-present payments taken by phone, fax, email, or text are all classified by credit card processors as lodging transactions, even when processed online. When processed using TransForm, they are instead classified as ecommerce transactions, which in itself provides you with additional security.
Transactions classified as ecommerce are more likely to win chargebacks even in some instances of ‘friendly fraud’, as the customer must input their financial data on their own and agree to your terms and conditions to instigate their fraudulent behaviour.
When a bad actor attempts to complete a fraudulent transaction, TransForm has built-in features to help mitigate your risk. You can customize a submission limit to set a cap on the total number of times someone can attempt to complete a transaction. Typically, this is set to three attempts, giving the guest three tries to correctly input the right card number, expiry date, verification code on the back of the card, and postal code. This blocks fraudsters who do not have the full data and are trying multiple times to submit a bogus payment and then claim a refund.
TransForm also allows you to set how many days prior to the scheduled arrival date your guest can submit their online payment. Fraudsters will often try to complete a payment with an unauthorized card as close to the arrival date as possible so that you don’t have time to verify the transaction before the refund claim is made. Limiting submissions to three days out can be highly effective at preventing this tactic.
These features are customizable to meet your operation’s needs and preferences, reducing fraud and helping protect your reputation and revenue.
After a Transaction is Complete
Our TransForm payment portal integrates directly with popular payment gateways that verify a cardholder’s information and tokenize the card details so that TransForm can pass that data into your property management system. The sensitive card data stays hidden, converted to randomly generated numbers, creating an encrypted ‘token’. The token has sole access to the detailed card information. This keeps sensitive card data secure from bad actors and potential fraud.
The tokenized credit card details are not stored at b4 but within your payment gateway. When integrated with your property management system (PMS), TransForm can also send the token into your PMS. Tokenization gives you access to – but not visibility into – credit card data, so you can easily manage additional charges later on.
Protection against fraud and cyberattacks
The encryption and tokenization of sensitive card details, secure pass-through of tokens into the PMS, and the built-in anti-fraud features make TransForm an essential tool to help safeguard you against cybersecurity risks.
Book a demo to see TransForm in action!
