Kitz Forum
Chat => Chit Chat => Topic started by: tickmike on February 11, 2017, 02:08:55 AM
-
Credit Card Details Needed By Hotel.
Are hotels are usually required by law to keep a record of guest credit card details ?.
I have booked a very good London hotel where we have been before and they have sent me a link to put in my personal details including credit card number, expiry date, and security pin Edit.. I checked again and it is the 3 digits from the back of the card ! .
Birth place, Birth date, Address, Father's name, Mother's name, Nationality and it goes on and on.
I'm a bit reluctant to give them some of those details.
It looks like they now use a electronic reception by https://www.mewssystems.com/
I know they have to keep on file for a year some guest details. but
-
Are you sure they want the pin and not the 3 digits from the back of the card? If they want the pin then that certainly should set alarm bells ringing.
As for Birth place, Birth date, Father's name, Mother's name, that also gives far too much information, it's only a hotel and I can't see why they would need all of that.
Unless of course they wanted to steel your identity.
They could well need normal credit card details for charges incurred whilst staying, but I would of thought they just swipe your card at reception possibly.
-
How did you come by the hotel to book it? Unless sure that your original communication to book to is 110% genuine, I'd look up phone number in directory, and make contact to it.
-
I have never known a hotel to require all that data. Credit card yes, name and home address if they can be bothered, maybe car number plate for parking, but don't recall anything more.
Echoing Renluop I think, is there any possibility this could be a fishing scam by some third party, as opposed to the hotel?
In essence, the bad guys would get wind of the fact you've booked a room, and so are expecting to be contacted. They then send you an email, with spoofed source address to look like it came from the hotel, and invite you to supply all they need for an identity theft.
-
I agree with the others this is very suspicious. Call the hotel to double check, but not on any phone number on any emails, look it up first.
Stuart
-
Hi
If anyone asks for the information you have posted, never give it.
A hotel do normally require credit/debit card details (card number, name, expiry and 3 digit pin (but not always the 3 digit pin, which can be given when you arrive) for out of hours service - i.e. Sandwich or drinks etc
They also use this information for monetary/identity fraud regulations, but you can book a hotel and pay cash, without any credit card details. However, you do need to provide identity proof upon signing into the hotel
Many thanks
John
-
This is a hotel I have been before and I have booked it via email as I always do.
Looking on https://www.visitbritain.org/pink-book/registration-and-data-protection
The only things they need about British guests
To comply with the Immigration (Hotel Records) Order 1972 you need to collect the following information from guests on their arrival:
full name
nationality.
Note: you are not legally required to take a guest's home address or contact number.
For all who are not British, Irish or Commonwealth guests:
passport number and place of issue (or other document which shows their identity and nationality)
details of their next destination (including the address, if known) on or before departure.
-
This is a hotel I have been before and I have booked it via email as I always do
Personally, I would never do that. Booking by email is akin to booking via a plain postcard without any envelope, for all to see, there being no guarantee of end to end encryption. :(
Always ensure that booking is completed via secure http, imho. Or if not, allow for the fact that the bad guys might get wind of it.
-
Sorry but have to agree with other posters that they are asking for far too many personal details
Name and Address OK,
CC number OK.
3 digit Security number from the back of the card is to indicate that you were not present at the time of paying OK.
But that's as much detail that is required.
-
Trying to think of any innocent explanations, is it possible the link was actually to a registration form, for setting up a username & password account with the hotel's booking service, with card details stored for future bookings?
Such systems often invite you to choose an agreed security question or sometimes a couple, such as mother's name, name of first pet, make of first car etc. They would be used if you ever needed a password reminder, to help convince them you are you you claim to be.
But asking for more than a couple of questions sounds very dodgy, possibly harvesting the answers provided to common questions as used by similar online systems...
And obviously, card pin number is a red flag - you should never have to disclose that to anybody. They may ask for the 3 digit security code printed on the card, but never the PIN itself.
-
I would not provide my CV2/CVV code (the 3 digit 'pin') to anyone who wants it written down, either in an email or on an old fashioned paper form. The Payment Card Industry Data Security Standard strictly prohibits the storing of the CV2 code under any circumstances. And putting it in an email is equivalent to storage. Use it online, and as part of a telephone transaction, but don't knowingly allow it to be stored.