You use your credit card all the time but probably never more so than when you are on vacation: it’s convenient and you can easily track your expenses. The flip side is that hotels and resorts are easy picking for data and identity thieves, for a couple of reasons:
- Tourists are using their cards for most transactions and aren’t going to notice invalid or inaccurate transactions until they’ve gone home and seen the statements, allowing thieves a head start without compare!
- Travelers at a resort will often use their cards at multiple points of access, including restaurants, gift shops, bars and spas, making them more vulnerable.
- Hotel technology at the front desk and other points of sale is often out of date and ripe for a breach.
- Hotels and resorts have a high rate of staff turnover and are not always performing intensive background checks. In fact, a large percentage of hotel based credit card fraud cases involve some sort of internal collusion with staff.
So while a large chain resort will have measures in place to keep their customer’s data safe, no system is completely infallible and the ability of a thief to install data retrieving software on the point of sale payment processing systems is certainly possible when you consider the points above.
Many data or identity thefts take place at the point of sale, as opposed to a database breach, which means that all of the card information is being captured, including the verification codes. And the methods used can be as unsophisticated as someone standing beside you at the front desk and capturing your information, and your PIN, on their smartphone.
While most credit cards offer some measure of protection against this kind of fraud, so that you aren’t responsible for charges that you didn’t make, it’s still a huge aggravation to have to deal with the issue: going through and verifying all your recent transactions, dealing with a maxed out card that leaves you with no credit until it is resolved, having your card cancelled by the bank after suspected fraud and the time lag until another arrives, and so on.
How can you protect yourself from vacation credit card fraud?
Book your stay through a central reservation center
If you book your stay through a central reservation system, rather than at the hotel or directly through the hotel itself, you would not be affected by the kind of malware that causes the majority of these data breaches because your card would not be processed at the location where the breach was taking place.
Bill to your room
Every time you use your card at your hotel or resort, you’re more vulnerable to this kind of malware attack. The simple answer is to not use your credit card at the hotel, but rather bill your purchases to your room. And if you do have to use your card, don’t let it out of your sight. While most hotels and restaurants are wiser to this these days and use a portable swipe machine to handle your transaction tableside, some are still going old school, which means having your credit card out of your sight and vulnerable to having the data skimmed, or otherwise copied.
Be wary of public internet connections
Often hotels will offer free WIFI in their common areas, but these aren’t necessarily properly secured and could leave you open to identity theft if you are using your phone or computer to engage in any financial transactions, or anything with private information and passwords. If you must do more sensitive transactions using public connections, make sure they are secured (https:// instead of http:// – the ‘s’ stands for secure, where the data used is being encrypted for protection).
Use bank ATMs only
Avoid using private ATM machines, at times provided for convenience but which are more vulnerable to tampering by the installation of a card reader, than a unit located in a bank. Better still, stick to putting your travel purchases on your credit card. If it is compromised, the money is not coming directly from your account, so your exposure to financial liability is more limited. Different debit cards have different rules about how much liability you will have if your card is lost and you don’t report it right away, or if it is compromised. While most will honor zero liability policies (where you are not responsible for fraudulent transactions), the money is still at least temporarily gone from your account, which can cause financial and personal distress.
Use only one card for travel
By using a dedicated card for travel, you will more quickly find out about breaches that occur after your travel dates because they will not be blended in with your day to day credit card transactions.
Keep a close eye on your statements
Even if you only use a certain card for travel, continue to check your statements or your account online regularly to make sure there aren’t latent fraudulent charges. Thieves will often steal information but then not use it for months, long after your trip is over.
Change passwords and PINs
If you can, change your passwords or PINs for your credit card, after your vacation. If your data was obtained fraudulently, it will be of more limited use to a thief without the all important PIN codes.
Ultimately, there is no foolproof way to protect yourself from credit card fraud, on vacation or otherwise, but staying vigilant and protecting your data when you can need to be top priority.
Justin Lavelle is Communications Director at BeenVerified (https://www.beenverified.com) . BeenVerified is the fast, affordable, and easy way to access public records and search for people. Find out ages, marital status, addresses, email addresses, phone numbers, criminal records, and more.