The travel and hospitality industries are notoriously high-risk. Factors like high average ticket amounts and long fulfillment time horizons compound with high average chargeback rates to create above average losses to fraud. But hotels don’t need to settle for surrendering more revenue to fraud in 2017.
Instead, lodging merchants can reduce fraud losses by addressing the different areas of a transaction. From payment acceptance, storing sensitive data, verifying identity, intercepting fraud, to post-transaction customer disputes, hotels must look to each facet to comprehensively address fraud.
Here are five ways travel and hospitality merchants can reduce their fraud losses in the upcoming year.
1. EMV-Enabled Point-of-Sale Systems
This is a top priority for lodging merchants who have not rolled out EMV-accepting point-of-sale terminals, as they are at serious risk for a high volume of liability shift fraud losses. According to Card Flight, in Q3 of 2016, 87 percent of payment cards presented at travel businesses contained EMV chips. Hotels that are unable to accept chip cards are susceptible to EMV-related chargebacks from these chip-enabled cards they’re running through magnetic stripe systems.
But it’s not just chargebacks posing a threat to hotels lagging in EMV terminalization. Hackers and organized crime rings are now focusing their efforts on merchants with magnetic stripe terminals. The dual threat from legitimate customers and criminals is too big for hotels to ignore. It’s critical to make the switch to EMV-enabled point-of-sale systems.
2. Tokenization for Securely Storing Guest Data
Hotels lagging in EMV terminalization add fuel to the fraud fire as the hospitality industry is already a long-standing target of fraudsters. It’s the very nature of hotel payments and operations that makes the industry so enticing. Customer data is stored during their entire stay, which creates vulnerable exposure points for unencrypted personal information.
The answer is tokenization. Hotels can continue to gather guest-specific information to enhance their experience, but avoid storing any sensitive payment card data. Tokenization creates a common token across all channels a particular guest may interact with before, during, and after their stay. Not only is guest information secured, but the guest experience is enhanced through effortless payments and personalization capabilities.
3. Address False Positives
Cardinal Commerce recently found that false positive decline rates are over three times the rate of existing card fraud. In 2014, $9 billion was lost to actual card fraud while $118 billion was lost to false positive declines. It’s clear that false positives are a huge problem.
The ultimate goal in a hotel’s front-end fraud prevention solutions should be to maximize the amount of valid transactions processed. Fraud prevention should not impose strict scoring and screening measures that turn away legitimate customers and cause high levels of false positives. Instead, hotels should aim to accept more transactions and manage the fraud that does occur as a result.
4. Enable Fraud and Dispute Alerts
It’s known that the travel and hospitality industries have inherently high chargeback ratios. With high chargeback ratios come headaches with payment processors, mounting chargeback fees, and fractured customer relationships. Issuer confirmed fraud and dispute alerts allow lodging merchants to intercept fraudulent transactions and prevent them from becoming full-blown chargebacks.
Issuing banks have their own fraud triggers, the simplest being the customer raising their hand. Whether a transaction is flagged for fraud via a machine-based trigger or by the customer, hotels can take advantage of these alerts and use them to prevent fraud losses by taking quick action to cancel reservations or contact guests immediately.
5. Respond to Chargebacks with Properly Formatted Compelling Evidence
The majority of chargebacks received are coded as true fraud. This implies that the front-end fraud solution either allowed the fraudulent payment to be processed or the bank didn’t alert the hotel of the fraudulent transaction. However, this couldn’t be further from the truth. Many chargebacks are coded as true fraud because if a customer intends to steal from a merchant, they will tell their bank that someone else used their card. Even if a chargeback is coded as fraud, hotels can prove the customer did indeed make the purchase, the services were rendered, and all occurred as promised.
But it’s not simply dumping all of the transaction and customer-related information into a document and dropping into the bank’s lap. There are 151 chargeback reason codes used by the four major card networks to describe customer disputes. Each of those reason codes requires different compelling evidence for the hotel to disprove the customer dispute.
Furthermore, at the end of the day, it’s a human that will ultimately make the decision on whether a chargeback is ruled in favor of the customer or the hotel. The information included in a response must not only be transaction and customer related, but displayed with context showing relevance to the dispute at hand.
For example, Visa asks for the customer’s IP address as compelling evidence, but doesn’t explain why it’s important. Including the IP address itself follows Visa’s protocol, but doesn’t mean much to the human reviewing the chargeback response. To make the IP address relevant compelling evidence, the response should include that the IP address is located in the city that matches the billing city and zip code of the customer. If the hotel creating the response does not include the relevant information that occurs alongside the compelling evidence, they cannot expect the individual at the issuing bank or card network to do the legwork for them.
Fraud is a costly problem for lodging merchants and will continue to cause losses in 2017. But through addressing every phase of a transaction, hotels can reduce their fraud losses significantly in the coming year.
About the Author
Scott Stone serves as chief marketing officer at Chargeback.
