Share | |
Mr. Goldmann

Security & Safety

Credit Card Fraud: The Threat to Hotels and Restaurants Everywhere

By Peter Goldmann, President, FraudAware Hospitality

The problem is two-fold: While until recently, most credit card fraud involved "guests" using stolen or fraudulently obtained credit cards to pay for hotel charges, now the Internet has added a new dimension of credit card fraud threatening hospitality businesses.

For example, cyber criminals can hack into a company's customer database and steal large batches of guest credit card information that they then sell on the black market. Or, they can use the stolen credit card information to manufacture counterfeit credit cards, which they then use to fraudulently purchase goods or services.

Making matters worse, like companies in other industries that have been hacked by information thieves, hospitality companies could suddenly find themselves on the receiving end of lawsuits claiming damages for liability related to the theft of confidential guest information.

To prevent incidents such as these, optimizing the company's information security defenses is the obvious first step. In addition, more and more businesses are looking into cyber-crime insurance as an option for protecting against the growing risk of liability for theft of confidential information.

Leading insurance companies such as Chubb and Traveler's offer a variety of coverages that are worth researching.

Phishing For Fraud

The term "phishing" refers to a high-tech form of illegal "data harvesting". In these schemes, cyber-criminals create "copycat" Web sites that look exactly like those of the company they are targetubg (such PayPal, AOL, Citibank, etc). to steal customer E-mail addresses. They then send out mass E-mailings, saying that for security purposes (or another phony reason), the company needs the customer to click to a "secure" Web site (the phony one controlled by the criminals) and update their credit card information.

Of course, every time this happens, the credit card information is recorded and stored for later use in identity theft crimes.

Depending on which report you read, this type of fraud has risen by as much as 300% since 1999.

The problem for hotels and restaurants is that the purloined credit card information can be used to manufacture counterfeit cards that then turn up at the front desk or restaurant credit card terminal. The charges are ultimately charged back once the legitimate card holder finds out he or she has become a victim of identity fraud.

Old-Fashioned Fraud Still Hurts

The problem of accepting phony credit cards at the front desk is common among virtually every hospitality property in the world. Fortunately, credit card criminals who break the law the old fashioned way-by stealing wallets or purses-are usually not able to use their victims' credit cards to reserve or pay for hotel rooms, since most victims of these card thieves find out about their loss in time to cancel their accounts before many fraudulent charges are made.

The greater threat comes from identity thieves who use legitimate individuals' personal information to fraudulently apply for credit cards. They steal credit card applications from mailboxes or post offices and change the addresses (usually to a private mail box number they control) and simply wait for the illegally obtained cards to arrive.

According to the Federal Trade Commission, it can take up to six months before the individuals whose name, date of birth and other personal information were used to obtain the cards learn about it. By that time, thousands of dollars of phony charges can be made by the crooks.

When the victim finally starts to undo the damage to his or her identity, and the credit card accounts are shut down, the fraudulent credit card purchases typically get charged back to the companies that accepted the cards in the first place.

According to David Bleser, Vice President of Operations at Hospitality Safeguards Inc., Orlando, FL hospitality fraud prevention consultants, the only truly reliable to way for front desk personnel to prevent these crimes is to require all guests checking in to produce their driver's license in addition to their credit card.

Unfortunately, few hotels require this procedure, or if they do, enforcement is lax. That, says Bleser, is simply asking for trouble.

For added security, front desk staff should carefully compare the name on the arriving guest's driver's license with that on the credit card and the reservation information stored in the hotel's system.

Credit card criminals will sometimes claim that they don't have a drivers' license or other form of identification. If this occurs, the best policy for hotels is to decline the credit card and accept cash only.

In addition, it is essential that all employees carefully follow the credit card companies' transaction processing procedures-to avoid being stuck with fraudulent charges for failing to take adequate precautions against guests bearing stolen or countefeit cards.

The Insider Threat: Phony Refunds

Another increasingly costly form of credit card fraud involves phony refund requests.

It is not uncommon for a legitimate hotel guest to challenges a credit card charge that may have been mistakenly added to his or her bill. When the guest calls to challenge the charge, a front desk staffer or an employee an accountant or bookkeeper usually issues a credit to the customer's card.

But what if the "guest" calling to reverse the charge isn't the guest at all. What if he or she is an employee of the hotel- such as a front desk clerk who poses as a legitimate guest and requests a refund, but gives his or her own credit card number for the refund? The best defense against these frauds is to formulate and enforce a strict policy where the corporate accounting staff receives "credits without debits reports" from the credit card processor. These will identify credits that aren't backed up by corresponding debits and should therefore be checked to determine if the credit card name and number to which the refund is being made matches the name and number on the card that was originally used to make the purchase. If the cards don't match, the refund is declined.

In some cases, insiders, such as accountants or bookkeepers will issue credits to their own credit cards and cover them up by making revenue adjustments on the books. Because these thieves often commit such crimes on multiple occasions, getting a "multiple credits issued report" from the card processing company can point to such suspicious patterns for further review.

For an added layer of defense, ensure that this process is conducted by the internal audit department in addition to someone independent of accounting.

The hotel's credit card processing company can assist in screening for these frauds. Processors have increasingly sophisticated software applications for screening unusual credit card transactions. The service can be set up to specifically screen for refund anomalies which are then reported back to the hotel's auditor or controller who then manually reviews the refund request.

Important lesson: Even in today's high-tech business environment, credit card frauds are still often avoided only when a human being manually screens for them. That's why it is important to have procedures in place that maximize the effectiveness of both technological and manual fraud-prevention measures.

Peter Goldmann is the Developer of FraudAware/Hospitality, the first on-line fraud awareness training course for hospitality managers, supervisors and line employees. He is is the publisher of the monthly newsletters, White-Collar Crime Fighter and Cyber-Crime Fighter. His company, White-Collar Crime 101 LLC also is the developer of FraudAware/Hospitality, a customizable Web-based fraud awareness training course for managers, supervisors and line employees. He is a member of the Association of Certified Fraud Examiners, and The International Association of Financial Crimes Investigators. Mr. Goldmann can be contacted at 203-431-7657 or pgoldmann@wccfighter.com Extended Bio...

HotelExecutive.com retains the copyright to the articles published in the Hotel Business Review. Articles cannot be republished without prior written consent by HotelExecutive.com.

Receive our daily newsletter with the latest breaking news and hotel management best practices.
Hotel Business Review on Facebook
RESOURCE CENTER - SEARCH ARCHIVES
General Search:

MAY: The Hotel Spa
High Value Marketing

Jason Guest

Wireless Internet is changing the way business gets done in the hotel industry. There's a tremendous demand for wireless access - for overnight guests and even for conferences and trade shows. It's not just for email and Web surfing anymore. Video streaming, audio streaming and voice-over-IP are all competing for the same Internet pipe. This is compounded by the growing trend for trade shows and conferences to offer high-speed wireless data service to their attendees, which can slow Internet traffic to a crawl. This demand means opportunities for new revenue streams. Wireless has also created new ways for hotels to connect with their guests to generate loyalty. READ MORE

Derek Wood

In today’s ever increasing ‘digital age’ the importance of providing a quality High Speed Internet Access system for your guests is more important than ever. The recent huge increase in mobile wi-fi devices has just added a new dimension to the problem. And yet to many hotels this service is seen as cumbersome, expensive non-revenue generating and does not rank highly at senior management level when increasing guest satisfaction is being discussed. This article examines some of the issues facing the hotelier today and suggests a few ways to overcome the problems. READ MORE

Roger Crellin

Much to the chagrin of property owners, free WiFi has become a guest expectation rather than a perk. Since the free WiFi model was introduced, hotel operators have faced the rapid adoption of bandwidth-hungry mobile devices such as tablets and smartphones. Not only do guests expect free WiFi, but they also expect ease of use and constant connectivity, similar to what they experience at home. What was once a means to improve satisfaction and engender loyalty, free WiFi that underperforms can actually have the opposite effect, causing dissatisfaction and frustration with a property that doesn’t provide a positive experience. READ MORE

Terence Ronson

As mentioned in a previous article, prior to the birth of IOS (Apple’s operating system), truthfully, we only scratched the surface and played around with implementing Wi-Fi in Hotels. But now, four years later with millions and millions of IOS devices in the hands of millions and millions of our loving guests, this has become the most disruptive of technologies in the modern era. That along with the creation of the smartphone and its Big Brother - the TAB – where there are sales predictions of 153 million units next year, and climbing to 232 million by 2016. This has set loose a tsunami of unparalleled demand - for a strangely invisible service! No wonder CIO’s call Wi-Fi a four-letter word. For the sake of repeating myself, today’s Hotel Wi-Fi network (and more critically tomorrow’s) is one of the principal areas in which your hotel will be judged. READ MORE

Coming Up In The June Online Hotel Business Review

"Hotel Business Review offers weekly articles for hotel management and operation and discussion on emerging growth markets."
Feature Focus
Hotel Sustainable Development: Principles and Best Practices
Sustainability is now a daily topic that affects every facet of hotel development and operations. As hotelier Hervé Houdré recently noted "The goal of Sustainable Development is clearly to secure economic development, social equity, and environmental protection. As much as they could work in harmony, these goals sometimes work against each other". In the June Hotel Business Review, some of the industry's most recognized sustainable development experts come together to identify emerging trends and discuss how sustainability is currently affecting the hotel industry. Each author presents the most important aspects of sustainable development of much interest to hotel owners, operators, investors and developers. We include perspectives and case studies on best practices from leading hotel groups and other industry players.
INSIGHTS FOR INDUSTRY LEADERS BY INDUSTRY LEADERS
"300,000 Rooms Complete, 15,700,000 to Go"
By Larry Mogelonsky, President and Founder, LMA Communications
"Destination Earth: A Customized Approach to Sustainability"
By Mark Hickey, Senior Vice President of U.S. Hotel Operations, Destination Hotels
"Why This New Standard is Going to change Hotel Energy Management Forever?"
By Robert Allender, Managing Director, Energy Resources Management
"How Two Major Hotel Companies are Turning Sustainability into Tangible Business Advantage"
By Christopher Wood, Director of Social Responsibility, ASAE Convene Green Alliance
PLUS: Green Certification - Development & Investment Outlook - Case Studies - Green Design – Sustainable Development Strategies - Green Luxury - CSR Programs - Green Facility Management