timbermeadows

Many of the little bed and breakfast/hotels I've inquired into have asked that I e-mail my credit card information to confirm my reservation and assure my room. Has anyone done this? How secure is it? Most sites do not indicate httpS. And is a fax with the same infor any more secure? Any experiences to share- good or bad?

Bob1

I have never had any problems with doing this. All places have only charged me the agreed amount. I also monitor my account pretty close by going online to look for charges I did not make.

Thonglori

i would NEVER EVER EVER email personal information such as a credit card # over email unless it was with encryption. FAX IT.

jody

I often do , but I send it in 2 seperate emails; number , less the last 4 digits, in one and last 4 digits and exp date in another. don't know if that is much protection but I've never had a problem and I read that somewhere in a security newsletter.

Marilyn

NO NO NO NO NEVER. Fax it. Fax is like a telephone call. It goes from you to them, not like an email which may go through various servers, providers, etc. Just because you haven't had a problem emailing your credit card doesn't mean it's a safe thing to do.

indytravel

I've e-mailed my credit card number for a couple of years and like others have never had a problem. As a precaution when I'm sending my credit card number over e-mail, I regularly check my charges on-line for a few weeks to make sure nothing has happened.

Though it doesn't go through the SSL encryption, it's incredibly unlikely that anyone would have the resources to intercept the e-mail in transmission and be able to do anything with it. Especially considering the message is broken up into "packets" and the packets can route differently to be assembled at the destination e-mail provider. The main reason is the sheer volume of packets, literally billions every day.

When you read about credit card fraud on the internet it's always someone unknown sending you an e-mail asking for your personal information. Or a hacker has gotten into a company's database and stolen a big list of credit card numbers. You never read about a single intercepted e-mail being targeted for credit card crime.

You're much more likely to run into a dishonest clerk who steals the number at a hotel. That clerk can steal it off of a fax as easily as an e-mail. Besides you send the fax in the evening from the US, it falls on the floor in France in the middle of the night and the cleaning people can have your CC number too.

Thonglori

indy travel -- look at the statistics: one hotel clerk, or potentially thousands of computer users?

DONT DO IT! Faxing is your friend.

francophile03

I've sent my c/c information by email without problems so far. I guess there's more than a slight chance that the information can be intercepted. I understand that faxing is alot safer than emailing but what about your c/c information being entrusted with the person who receives the fax. It's only my opinion but if that person is dishonest it's almost the same thing as having your information stolen via email.

andy

Personally, I WOULD FAX it....

Worse case scenerio, email it IN 2 parts.....NEVER all the numbers and exp date...as ANYONE can get it....

Patrick

Indytravel makes a lot of good points. I know people say not to do it, but I've done it literally hundreds of times. I've never had a problem, and if I did have a problem, I have total protection from my credit card companies anyway. Sure I guess if something happened there might be a little headache in straightening it out, but it won't end up costing me anything. Frankly I think your risk is greater when a waiter at a local restaurant takes your card to run it through the machine and then all the info is there for the entire staff to take if they want.

I recently had a hotel specifically ask me to email the number in two parts. I didn't quite get that idea. If someone is intercepting their emails and gets half a credit card number, wouldn't they make the same attempt to intercept the second half?

KS452

There are quite a few urban myths involving computers, e-commerce and the internet. Some of these start off as hoaxes, some are simply imaginary. Others (such as the Y2K scare) are manufactured or exaggerated by journalists and/or people who would like to sell solutions to largely non-existent problems. Of course, there are plenty of credit card scams, but most of these involve the theft or mis-use of the physical card.

In most ways the internet and e-commerce involve exactly the same potential problems as mail-orders placed by ordinary post, fax or telephone. In short, the main risk is that the supplier charges your card but does not deliver the goods, or the goods are not satisfactory and the supplier does not respond to your complaint.

It is not true that geeks and criminals can somehow intercept your emails or pluck your credit card details out of the ether. This is possible only with the vast technical resources of the CIA or GCHQ. Of course, in theory a dishonest employee might conceivably intercept your communication, just as in theory an engineer might tap your telephone line or a postal employee might steal your letter mail. In most cases the chances of this are exceedingly low, if only because of the huge number of emails sent each day - in fact, there are now over 3,500 email messages sent every second in the UK - and growing at the rate of 120 emails per second per month.

Remember that every time you use your credit card in person, the merchant obtains a written copy of the details and your signature as well. The reality is that you are 100 times more likely to have your card mis-used after visiting a restaurant (where your card is taken away from you to be processed) than as a result of an internet purchase. This abuse can even involve "cloning", or making a duplicate copy of the physical card.

The smaller the business the more secure its computer is likely to be - simply because the password is known to one person only and cannot be revealed by a careless, disgruntled or dishonest employee.

Even if your credit card is used improperly, you will not have to pay anything unless you were grossly negligent, or failed to notify your card-issuer of the abuse. In other words, the merchant is the one who carries the risk of fraud, not the innocent card-holder.

That said, understand what the risks of internet ordering really are and guard against them, but don't worry about imaginary or negligible risks.


Only divulge your credit card details to merchants you trust. Be especially careful when dealing with new businesses which have no track record, and those which operate from PO box numbers or private residences. These may be simply accommodation addresses.

kismetchimera

When I make a hotel reservation I always e-mail my credit card number, so far I never had any problems..

Mischka

I do it all the time and have never had a problem. I'm with those who say that you are less safe paying your restaurant bill. If I refuse to use my card on the net, I would not be able to order books from places like Amazon.com, or the numerous other things to buy online. I agree, my bank would cover any problems, so as long as I don't do anything stupid all should be well.

Underhill

Some credit-card banks, such as Citibank, have a system that lets you use virtual numbers over the Internet. You might see whether your own bank offers that service.

mcgeezer

Unless the company has a secure website, like Amazon, I fax it.
Recently I booked a small hotel in Prague and notified my credit card company of the date I expected to be using my c.c. in Europe. I don't know if it will make a difference but I better. I also watch my c.c. bill.

John

Put me on the list of having email my number many many times without a problem, though I do monitor it closely. Nothing has ever happened!!

Marilyn

A couple of these posts seem to be confusing using a credit card to pay online on a secure site with emailing the credit card info to a private email address such as a hotel. It has always been my understanding that the former is fairly safe while the latter is not, but I'm willing to stand corrected.

It certainly would be easier and cheaper to email this info instead of faxing it, but seems like conventional wisdom says fax is safer.

djkbooks

I have e-mailed credit card information on many occasions over the years without incident. Because I'm nervous about it, though, I select the card that expires the soonest.

I have no idea whether one's e-mails are as vulnerable as urban legend would suggest.

But, providing the info via fax or phone is most probably more "secure".

sanschag

I have also emailed my CC info several times and, so far, have not had a problem. What I do to minimize any risk is to send in written out numbers in the local language in the form:

eins-zwei-drei-vier
fuenf-sechs-sieben-acht
etc.

I figure this eliminates any chance of the number getting caught with simple pattern matching techniques (i.e., catch mails with 16 digits or 4 groups of 4 digits).

Paul

marcus

If you are on a secure site, that's https as opposed to http, then your information is safe. Otherwise don't attempt to give your credit card details. The web addresses may not be secure until you actually reach the "Booking form" page so check it again at that stage.
Personally I've never had problems giving details on the net.