Credit Card Number stolen from hotel booking
Jan 7th, 2016, 02:11 PM
#61
Join Date: Jan 2010
Posts: 62,502
Likes: 0
Received 0 Likes
on
0 Posts
The reason to give booking.com e cc number is that many smaller hotels in i.e. italy don't accept credit cards and want deposit by bank transfer if you book directly. That is a PITA and expensive. Also cancellation policies through booking.com are much more liberal than hr hotels' own.
I prefer to book with the hotel but I use booking.com for the above reasons .
I prefer to book with the hotel but I use booking.com for the above reasons .
Jan 7th, 2016, 02:12 PM
#62
Join Date: Jan 2003
Posts: 33,288
Likes: 0
Received 0 Likes
on
0 Posts
Rory, if you had booked directly with the hotel, they would have required all of that info from you. Booking dot com simply conveyed the appropriate info to the hotel to secure your reservation.
Was your credit card info stolen? Was there an unauthorized charge to your card?
Was your credit card info stolen? Was there an unauthorized charge to your card?
Jan 7th, 2016, 03:46 PM
#63
Join Date: Mar 2008
Posts: 1,485
Likes: 0
Received 0 Likes
on
0 Posts
RoryBr: opens account January 2016. First posting on an old link critical of Booking.com
Whathello: also opened January 2016. States: Glad OP took the time to create an account on Fodors to tell us so.
Very suspicious
Whathello: also opened January 2016. States: Glad OP took the time to create an account on Fodors to tell us so.
Very suspicious
Jan 7th, 2016, 06:15 PM
#65
Join Date: Jan 2003
Posts: 5,271
Likes: 0
Received 0 Likes
on
0 Posts
So what? Let's understand clearly, theft of credit card information in and of itself is not identity theft nor is it going to leave lasting problems to resolve. Yes it is to a degree inconvenient. You either notify the cc company or they notify you of possible fraudulent charges, you tell them which charges are fraudulent, they close the account and remove the charges, they send you a new card with a different number and life goes on as it has before. Unfortunately, this is part of modern living and a price we have to pay for the convenience of making reservations at hotels in far away places with strange sounding names. Don't lay awake nights wortrying about it. If it happens, you deal with it.
Jan 7th, 2016, 11:23 PM
#66
Join Date: Jan 2016
Posts: 7
Likes: 0
Received 0 Likes
on
0 Posts
> Of course they did. The hotel has to have the info.
No they don't. At least one other site doesn't, which I booked with today after validating that they wouldn't pass my credit card details on.
> Now I won't be able to sleep before I know what PCI compliant means.
PCI in this context is short for PCI DSS, which in turn is short for Payment Card Industry, Data Security Standard. It's a set of standards that credit card acceptors are expected to adhere to, which IIUC forbids even the storage of CVV numbers, let alone sharing them.
> Rory, if you had booked directly with the hotel,
If I'd booked directly with the hotel, I could have made a judgement call for myself on whether to trust their security, or find another hotel. Instead I decided to make my booking via a trusted intermediary, who turned out to be untrustworthy.
> Booking dot com simply conveyed the appropriate info to the hotel
> to secure your reservation.
1: They made such a conveyance without my informed consent.
2: It's never appropriate to convey someone elses credit card to a third party, unless that third party is a well vetted payment service provider.
3: It's definitely never appropriate for them to convey the CVV number.
> Was your credit card info stolen?
I've no way of knowing, other than it being mis-handled by booking.com.
> Was there an unauthorized charge to your card?
Not that I'm aware of.
> Very suspicious
That's fair; I'm not familiar with this forum, but since this page came up in Google when checking out a booking.com alternative, I thought it a valid place to highlight the risk when booking through booking.com. I don't however have another nick.
No they don't. At least one other site doesn't, which I booked with today after validating that they wouldn't pass my credit card details on.
> Now I won't be able to sleep before I know what PCI compliant means.
PCI in this context is short for PCI DSS, which in turn is short for Payment Card Industry, Data Security Standard. It's a set of standards that credit card acceptors are expected to adhere to, which IIUC forbids even the storage of CVV numbers, let alone sharing them.
> Rory, if you had booked directly with the hotel,
If I'd booked directly with the hotel, I could have made a judgement call for myself on whether to trust their security, or find another hotel. Instead I decided to make my booking via a trusted intermediary, who turned out to be untrustworthy.
> Booking dot com simply conveyed the appropriate info to the hotel
> to secure your reservation.
1: They made such a conveyance without my informed consent.
2: It's never appropriate to convey someone elses credit card to a third party, unless that third party is a well vetted payment service provider.
3: It's definitely never appropriate for them to convey the CVV number.
> Was your credit card info stolen?
I've no way of knowing, other than it being mis-handled by booking.com.
> Was there an unauthorized charge to your card?
Not that I'm aware of.
> Very suspicious
That's fair; I'm not familiar with this forum, but since this page came up in Google when checking out a booking.com alternative, I thought it a valid place to highlight the risk when booking through booking.com. I don't however have another nick.
Jan 8th, 2016, 01:50 AM
#67
Join Date: Jan 2016
Posts: 2,585
Likes: 0
Received 0 Likes
on
0 Posts
Why don't you read the general conditions of the contract - displayed on the site of booking.com
It is incredible the number of people who complain about this or that when the other party is just behaving ACCORDING TO THE CONTRACT that YOU ACCEPTED when using their service.
Learn to use your brain !
I downloaded herebelow part of their first paragraph.
There is a full paragraph (5 in French) where they deal with credit card and explain that the hotel is doing it - they then tell you what to do in case of fraudulent use of the CC.
En effectuant une réservation par l’intermédiaire de Booking.com, vous vous engagez dans une relation contractuelle directe avec l’établissement concerné par votre réservation. À partir du moment où vous effectuez une réservation, nous agissons uniquement en qualité d’intermédiaire entre vous et l’établissement, en lui transmettant les détails de votre réservation et en vous envoyant un e-mail de confirmation pour et en son nom.
It is incredible the number of people who complain about this or that when the other party is just behaving ACCORDING TO THE CONTRACT that YOU ACCEPTED when using their service.
Learn to use your brain !
I downloaded herebelow part of their first paragraph.
There is a full paragraph (5 in French) where they deal with credit card and explain that the hotel is doing it - they then tell you what to do in case of fraudulent use of the CC.
En effectuant une réservation par l’intermédiaire de Booking.com, vous vous engagez dans une relation contractuelle directe avec l’établissement concerné par votre réservation. À partir du moment où vous effectuez une réservation, nous agissons uniquement en qualité d’intermédiaire entre vous et l’établissement, en lui transmettant les détails de votre réservation et en vous envoyant un e-mail de confirmation pour et en son nom.
Jan 8th, 2016, 05:40 AM
#68
Rory: you are simply wrong. Booking is just the middle man. Your booking is actually WITH the hotel and it is the hotel or a 3rd party that puts through the charge. I have used the site many times.
From the T&C on booking.com >><i>(Booking.com B.V. and its affiliate (distribution) partners) provide an online platform through which all types of temporary accommodation (for example, hotels, motels, hostels and bed & breakfasts, collectively the "accommodation(s)"), can advertise their rooms for reservation, and through which visitors to the website can make such reservations. <B>By making a reservation through Booking.com, you enter into a direct (legally binding) contractual relationship with the accommodation provider at which you book</i></B><<
You are NOT contracting w/ booking.com - they are passing your contact on to the hotel or a 3rd party processor, and it is the hotel your contract is with . . .
From the T&C on booking.com >><i>(Booking.com B.V. and its affiliate (distribution) partners) provide an online platform through which all types of temporary accommodation (for example, hotels, motels, hostels and bed & breakfasts, collectively the "accommodation(s)"), can advertise their rooms for reservation, and through which visitors to the website can make such reservations. <B>By making a reservation through Booking.com, you enter into a direct (legally binding) contractual relationship with the accommodation provider at which you book</i></B><<
You are NOT contracting w/ booking.com - they are passing your contact on to the hotel or a 3rd party processor, and it is the hotel your contract is with . . .
Jan 8th, 2016, 06:56 AM
#69
Join Date: Aug 2007
Posts: 15,874
Likes: 0
Received 0 Likes
on
0 Posts
When booking trains , tickets and hotel in Moscow through Russian
websites I admit I was worried about possibility of someone accessing my CC info.
Six months later....seems o.k.
I have used booking.com for years , never a problem.
websites I admit I was worried about possibility of someone accessing my CC info.
Six months later....seems o.k.
I have used booking.com for years , never a problem.
Jan 8th, 2016, 10:05 AM
#70
Join Date: Sep 2011
Posts: 18,307
Likes: 0
Received 0 Likes
on
0 Posts
In the FAQ on Booking.com:
"Why does Booking.com collect, use and share your personal data?
Reservations: First and foremost, we use your personal data to complete and administer your online reservation and forward your reservation details to the accommodation you have booked.
In certain circumstances, we may share your personal data with third parties.
The accommodation you booked: In order to complete your reservation, we need to transfer relevant reservation details to the accommodation you have booked. This may include information such as your name, your contact details, your payment details, the names of guests travelling with you and any preferences you specified when making a booking. This information may also be used by Booking.com or the accommodation providers to give you personalised offers related to the reservation. If you have a query about your reservation, we may contact the accommodation provider and ask them to handle your request."
All there easily accessible in plain English. No need to troll through T&C Legal Speak.
"Why does Booking.com collect, use and share your personal data?
Reservations: First and foremost, we use your personal data to complete and administer your online reservation and forward your reservation details to the accommodation you have booked.
In certain circumstances, we may share your personal data with third parties.
The accommodation you booked: In order to complete your reservation, we need to transfer relevant reservation details to the accommodation you have booked. This may include information such as your name, your contact details, your payment details, the names of guests travelling with you and any preferences you specified when making a booking. This information may also be used by Booking.com or the accommodation providers to give you personalised offers related to the reservation. If you have a query about your reservation, we may contact the accommodation provider and ask them to handle your request."
All there easily accessible in plain English. No need to troll through T&C Legal Speak.
Jan 8th, 2016, 12:36 PM
#72
Join Date: Jan 2003
Posts: 49,560
Likes: 0
Received 0 Likes
on
0 Posts
Rory, it's all VERY clear if you READ what you sign. I have used Booking.com for years, as have many, many other satisfied customers on this and other travel sites.
You book WITH THE HOTEL when you book on Booking.com. Of course they have access to your cc information; otherwise they couldn't charge you properly for the room. You authorize them to pre-authorise payment.
You obviously did not read or understand the process. Your contract is NOT with Booking.com.
It's like all the car rental complaints where people failed to read the fine print. I will never understand why people fork over hundreds/thousands of dollars without actually READING the contract. Then they come back and whine and suggest that it's because they're in a "foreign country" where " people are taking advantage of them." Pfff! It's their own stupid fault.
You book WITH THE HOTEL when you book on Booking.com. Of course they have access to your cc information; otherwise they couldn't charge you properly for the room. You authorize them to pre-authorise payment.
You obviously did not read or understand the process. Your contract is NOT with Booking.com.
It's like all the car rental complaints where people failed to read the fine print. I will never understand why people fork over hundreds/thousands of dollars without actually READING the contract. Then they come back and whine and suggest that it's because they're in a "foreign country" where " people are taking advantage of them." Pfff! It's their own stupid fault.
Jan 9th, 2016, 03:29 AM
#73
Join Date: Jan 2016
Posts: 7
Likes: 0
Received 0 Likes
on
0 Posts
> Why don't you read the general conditions of the contract - displayed
> on the site of booking.com
Because just like the other 99.999% of the population who aren't wannabe lawyers, I don't spend my life reading the small print T&C of every website I visit.
I have however read the section you referenced and it doesn't state that they pass credit card details ( including CVV ) on to hotels.
Reading their FAQ about credit card safety, I was unable to find anything indicating that they passed such details on; the only thing I found
> [ Paraphrasing janisj; orig was too long ]:
> You have a contract with the hotel, and NOT with booking.com.
That's correct, but not relevant. It's quite rare that the party I have the contract with, will also have my credit card details. In many cases the card details are sent directly to a payment provider, bypassing the merchant entirely.
A reasonable assumption would be that booking.com would handle payments themselves, and forward payment, rather than customer card details on to the hotel. This would make sense from both an economical ( They'd have more purchasing power than individual hotels ), and security perspective. They could validate the security of a payments service provider, while they realistically can't validate the security of thousands of hotels.
> on the site of booking.com
Because just like the other 99.999% of the population who aren't wannabe lawyers, I don't spend my life reading the small print T&C of every website I visit.
I have however read the section you referenced and it doesn't state that they pass credit card details ( including CVV ) on to hotels.
Reading their FAQ about credit card safety, I was unable to find anything indicating that they passed such details on; the only thing I found
> [ Paraphrasing janisj; orig was too long ]:
> You have a contract with the hotel, and NOT with booking.com.
That's correct, but not relevant. It's quite rare that the party I have the contract with, will also have my credit card details. In many cases the card details are sent directly to a payment provider, bypassing the merchant entirely.
A reasonable assumption would be that booking.com would handle payments themselves, and forward payment, rather than customer card details on to the hotel. This would make sense from both an economical ( They'd have more purchasing power than individual hotels ), and security perspective. They could validate the security of a payments service provider, while they realistically can't validate the security of thousands of hotels.
Jan 9th, 2016, 03:32 AM
#74
Join Date: Jan 2016
Posts: 7
Likes: 0
Received 0 Likes
on
0 Posts
Seems I missed a bit on my previous response: The only thing I got on credit card security in their FAQ was that they use SSL, with a Thawte cert.
Ultimately however, they shouldn't be telling me that they're passing on my credit card details because they shouldn't be doing it in the first place.
Ultimately however, they shouldn't be telling me that they're passing on my credit card details because they shouldn't be doing it in the first place.
Jan 9th, 2016, 03:41 AM
#75
Join Date: Jan 2003
Posts: 49,560
Likes: 0
Received 0 Likes
on
0 Posts
You just don't get it, Rory. I'm no "wannabe lawyer, but I DO read the T&C of anything I sign up for.
Did you bother to read even the basic T&C for Booking.com?
<<1. Scope of our Service
Through the website we (Booking.com B.V. and its affiliate (distribution) partners) provide an online platform through which all types of temporary accommodation (for example, hotels, motels, hostels and bed & breakfasts, collectively the "accommodation(s)"), can advertise their rooms for reservation, and through which visitors to the website can make such reservations. By making a reservation through Booking.com, you enter into a direct (legally binding) contractual relationship with the accommodation provider at which you book. From the point at which you make your reservation, we act solely as an intermediary between you and the accommodation, transmitting the details of your reservation to the relevant accommodation provider and sending you a confirmation email for and on behalf of the accommodation provider.>>
Is that not clear as can be? What about that did you not understand?
Did you bother to read even the basic T&C for Booking.com?
<<1. Scope of our Service
Through the website we (Booking.com B.V. and its affiliate (distribution) partners) provide an online platform through which all types of temporary accommodation (for example, hotels, motels, hostels and bed & breakfasts, collectively the "accommodation(s)"), can advertise their rooms for reservation, and through which visitors to the website can make such reservations. By making a reservation through Booking.com, you enter into a direct (legally binding) contractual relationship with the accommodation provider at which you book. From the point at which you make your reservation, we act solely as an intermediary between you and the accommodation, transmitting the details of your reservation to the relevant accommodation provider and sending you a confirmation email for and on behalf of the accommodation provider.>>
Is that not clear as can be? What about that did you not understand?
Jan 9th, 2016, 08:26 AM
#77
Join Date: Aug 2003
Posts: 2,893
Likes: 0
Received 0 Likes
on
0 Posts
<i><font color=#555555>
"> Why don't you read the general conditions of the contract...
Because just like the other 99.999% of the population who aren't wannabe lawyers, I don't spend my life reading the small print T&C of every website I visit."</font></i>
SAY WHAT? Who gives their credit card information to <b>every</b> website they visit?
RoryBr, you're a fool. You signed a contract without reading the fine print, and then you come here to trash and blame Booking dot com for your stupidity. Boo-hoo for you.
I don't use middlemen for booking, but Booking dot com has a great map service, and their customer reviews are worth checking out. If you have a problem with their Terms and Conditions, read the T&C first and then don't use their service. Don't come here and waste people's time and Fodor's bandwidth to complain when clearly you're to blame.
"> Why don't you read the general conditions of the contract...
Because just like the other 99.999% of the population who aren't wannabe lawyers, I don't spend my life reading the small print T&C of every website I visit."</font></i>
SAY WHAT? Who gives their credit card information to <b>every</b> website they visit?
RoryBr, you're a fool. You signed a contract without reading the fine print, and then you come here to trash and blame Booking dot com for your stupidity. Boo-hoo for you.
I don't use middlemen for booking, but Booking dot com has a great map service, and their customer reviews are worth checking out. If you have a problem with their Terms and Conditions, read the T&C first and then don't use their service. Don't come here and waste people's time and Fodor's bandwidth to complain when clearly you're to blame.
Jan 10th, 2016, 12:00 AM
#78
Join Date: Oct 2008
Posts: 4,524
Likes: 0
Received 0 Likes
on
0 Posts
1. Someone gave their Visa card details to booking.com
2. Booking.com furnished details to hotel
3. Person has a contractual arrangement with hotel
4. Hotel wants a card number to confirm the booking
What on earth is the problem with that?
Something that has happened to me - booked with a hotel. Small, say a euro or two, charge appears on my card. Charge is later reversed, within a day or two. That looks like the hotel "testing" my card, which seems fair enough to me.
2. Booking.com furnished details to hotel
3. Person has a contractual arrangement with hotel
4. Hotel wants a card number to confirm the booking
What on earth is the problem with that?
Something that has happened to me - booked with a hotel. Small, say a euro or two, charge appears on my card. Charge is later reversed, within a day or two. That looks like the hotel "testing" my card, which seems fair enough to me.
Jan 10th, 2016, 03:37 AM
#79
Join Date: Jan 2016
Posts: 7
Likes: 0
Received 0 Likes
on
0 Posts
I'm not complaining; I'm raising awareness that booking.com pass credit card details on to hotels.
To me, regardless of how clear booking.com make this, passing on someone elses credit card details (other than to a reputable payments provider) is wrong on every moral, ethical, and professional level.
Evidently others consider this practice acceptable. I find this baffling that people not only don't find this behaviour repugnant, but are actually defending booking.com.
To me, regardless of how clear booking.com make this, passing on someone elses credit card details (other than to a reputable payments provider) is wrong on every moral, ethical, and professional level.
Evidently others consider this practice acceptable. I find this baffling that people not only don't find this behaviour repugnant, but are actually defending booking.com.
Jan 10th, 2016, 04:02 AM
#80
Join Date: Jan 2016
Posts: 2,585
Likes: 0
Received 0 Likes
on
0 Posts
Just avoid Booking.com then.
End of story.
I actually find quite normal that booking.com gives my details in order to secure my reservation. And I did know it from start.
What have ethics to do here ?
You can also 'raise awareness' on the fact that you will be debited from your CC without giving approval at paybooths at highways in France. Quite repugnant too, I guess, so avoid highways in France... Just for example, you an keep yourself quite busy !
End of story.
I actually find quite normal that booking.com gives my details in order to secure my reservation. And I did know it from start.
What have ethics to do here ?
You can also 'raise awareness' on the fact that you will be debited from your CC without giving approval at paybooths at highways in France. Quite repugnant too, I guess, so avoid highways in France... Just for example, you an keep yourself quite busy !
