Tag Archives: Payment Authorization

Hospitality Industry Payment Fraud Risks: Woman Arrested After Using Stolen Credit Card With "Illegitimate Authorization Code" To Scam Florida Hotels

Police believe the alleged Discover employee was actually Betancourt’s accomplice, who gave an illegitimate code to the hotel clerk. According to investigators, codes are sold on the black market to help crooks override the system.

According to authorities, 53-year-old Debra Betancourt used an old, stolen Discover credit card linked to a closed account and a fake Arizona state ID to scam a number of hotels on Miami Beach. Police say at 11:30 p.m. Monday, Betancourt went to the Alexander Hotel on Collins Avenue. She informed a hotel employee that she made an online reservation with the stolen Discover card.

However, Betancourt’s card was declined for a charge of $4,100. Betancourt got on the phone, police said, and called someone who she said worked at Discover. The alleged employee gave the hotel clerk an authorization number, but the hotel would not complete the transaction.

Less than an hour later, at 12:15 a.m., Betancourt headed south and tried the scam again at the Cadet Hotel on James Avenue. This time, Betancourt got lucky: Her card was approved for 10 nights for a grand total of $10,105. Another hour passed, and the 53-year-old headed even further south to the Anglers Hotel on Washington Avenue, where she tried to pull the scam for the third time.

Betancourt once again ran into problems, and called the mystery Discover employee. However, the card was declined and the hotel manager contacted police. According to authorities, Betancourt kicked the manager in the groin and took off, but officers caught up with Betancourt and arrested her.

Read more: http://www.wsvn.com/news/articles/local/21008278197692/accused-hotel-scam-artist-arrested/#ixzz23ieeFMyM

Comments Off on Hospitality Industry Payment Fraud Risks: Woman Arrested After Using Stolen Credit Card With "Illegitimate Authorization Code" To Scam Florida Hotels

Filed under Crime, Guest Issues, Liability, Management And Ownership, Risk Management, Technology, Theft

Hospitality Industry Information Security: Major Hotels Move Closer To "Secure Payments Framework" That Will Protect Guest Credit Card Data Through "Tokenization"

 “Every major hotel company is working to get as many of their systems as possible out of the scope of the Payment Card Industry Data Security Standards (PCI-DSS)…Most of these companies have focused on solutions based on tokenization, and many have implemented them or are in the process of doing so.”

Tokenization is a process whereby sensitive card data is stored in a single secure location, which may be operated by a hotel brand, a payment gateway or another third party, and replaced in hotel systems by substitute “tokens.”  The tokens can be used to complete the transaction, but are useless if intercepted electronically by a thief. 

Top hotel security executives met several times to discuss this problem as the HTNG Secure Payments Framework effort took shape during August and early September.  Early discussions indicated a broad agreement that a single industry framework is needed, and that the framework needs to work with existing security approaches in place at major hotel companies and in commonly used systems.  There was also agreement on the key elements needed for the industry framework.  The group intends to document this framework conceptually in a white paper that will form the basis for subsequent standards development.

  This new effort will leverage hotel companies’ prior investment in tokenization efforts, adding a layer of security that will enable those solutions to be extended to unrelated parties that may be involved in transactions, such as online travel agencies, global distribution systems, switches, channel management systems, central reservation systems, management companies, independent hotels, payment gateways, swipe devices, and other parties.  “The approach is intended to enable the tokenization of card data by the first system that touches the reservation,” said Rice.  “The sensitive data will remain stored in a secure vault, and all of the other systems will simply pass along the token in place of the credit card.  The hotel itself can then submit the token to its token provider or gateway to complete the card transaction.  The card data itself need never touch a hotel system.”

For more:  http://www.hotelnewsresource.com/article58324.html

Comments Off on Hospitality Industry Information Security: Major Hotels Move Closer To "Secure Payments Framework" That Will Protect Guest Credit Card Data Through "Tokenization"

Filed under Guest Issues, Liability, Maintenance, Management And Ownership, Privacy, Risk Management, Technology

Hospitality Industry Guest Payment Risks: Hotel Management Must Confirm Credit Card Payments At Check-In

“…A man is accused of staying at a Midtown hotel for a week and not paying his bill….and has been charged with theft of service…”

“…The owner of La Maison told investigators that Aragon gave her a credit card that was declined…”

 According to court documents, Aragon stayed at the La Maison in Midtown bed and breakfast from March 14 through March 21 and did not pay for his hotel room. The owner of La Maison told investigators that Aragon gave her a credit card that was declined. When the owner questioned Aragon, he told her that he was having a house built and that the builder would be taking care of the bill. The owner alleges Aragon left the hotel without paying the $1,675 bill.

Investigators say Aragon told them the builder was supposed to pay the bill and that there was some misunderstanding about the bill. Aragon said he had placed a money order in the mail and that the owner should have received it in the mail. The owner told investigators that she never received payment.

For more:  http://abclocal.go.com/ktrk/story?section=news/local&id=8111479

2 Comments

Filed under Crime, Guest Issues, Liability, Management And Ownership, Risk Management, Theft, Training

Hospitality Industry Payment Systems Risk: Process, Controls & Instrumentation (PCI) Compliance In America Must Address "More Secure Methods Of Payment Authorization"

“…more incentives (should be) put in place to encourage more secure methods of payment authorization. One example of this is the “chip and PIN” system in use outside of the United States. In this system, credit cards use a tiny PIN-activated microchip that protects payment information...”

“As it stands, virtually every Western and Eastern nation have migrated to this (system)…which countries haven’t? Iran and the U.S.”

Data security also is going to be a major focus at this year’s Hospitality Law Conference.

Right now, liability is on the merchants’ side of things but not on the payment systems, and that has to change, said Cannon, who is counsel to the Merchants Payment Coalition.

“Right now, all liability runs downhill and at the bottom is the merchants’ coalition and, partially, the hospitality industry,” he said.

The federal government is reviewing the issue of data security liability and could potentially come up with a new way of assigning liability by 21 July of this year.

“In terms of the regulatory process, this is the speed of light,” Cannon said.

For more:  http://www.hotelnewsnow.com/Articles.aspx/4809/Hospitality-Law-event-to-examine-privacy-PR

Comments Off on Hospitality Industry Payment Systems Risk: Process, Controls & Instrumentation (PCI) Compliance In America Must Address "More Secure Methods Of Payment Authorization"

Filed under Conferences, Crime, Guest Issues, Insurance, Liability, Management And Ownership, Risk Management, Technology