In his books Rick suggests emailing the desired hotel with your details and then adds, "Hoteliers typically ask for your credit-card number as a deposit." I certainly understand why. My question: is it safe to send your credit-card number over in an unsecured email? What is the alternative other than an expensive phone call with language translation problems and/or a fax which may be hard to obtain? The desired hotel's web-site does not provide a secured reservation link.
Just send two seperate emails. Certainly more secure than a fax. If you should need to make a phone call, buy a phone card in the US, it brings the cost down to a few cents a minute.
Be it email, fax, or telephone there is no secure way to send CC info to the hotel. A lot of fraud comes from low-tech scams like stealing postal mail, rifling through garbage cans, or a dishonest employee writing a CC number on a piece of paper and selling it to a criminal group. Thus the risk is the same no matter which method you use. I've sent my CC details to countless hotels via one email and never had a problem.
Like Jo suggested, I always send the cc information in either 2 or even 3 emails. I've done this many times without any problems. I probably would not have had problems sending it all in one email, either, but this feels more secure to me.
We make all our own hotel reservations from home and send the credit card number using one email. We ahve never had a problem with hotels in India, Philippines, Scotland, Europe, eastern europe, etc. Never had a problem and don't anticipate we will, but then we usually stay at three and four star hotels, Best Western, Ibis, and privately owned. Don't worry.
A few years ago, I bought a schedule CD from the Bahn, and they asked for payment by credit card. I sent it in two emails. No problem. Other than that, in the last 8 weeks in Germany, since 2004, I have made reservations at 22 places and NEVER been asked for a credit card number. I just looked at the website for the only "starred" accommodation I've stayed at, a *** lodge in the Harz, asked for a credit card number if you are going to arrive after 6 PM, but not otherwise. I arrived at 7 PM so I imagine I guarenteed it with my credit card, but you enter that on the booking webpage - no email. This lodge, BTW, was the only place I have ever booked online, i.e. other than by personal email, in that time. And also the only place to indicate on their website that they take credit cards (in Germany, to get more than one star, you have to take credit cards.)
What is meant by "send CC info in two emails"? Please explain. (I have never heard of this!) Thanks.
Kathy, If your CC# is 1234 5678 2345 6789, send 1234 5678 in one email, then 2345 6789 in the next one. Of course, explain to the recipient what you are doing. Or you could send 1234 2345 and 5678 and 6789m as long as the recipient knows what you are doing.
I always just send one email, and I have never had a problem.
Centennial Frank believes that the way emails are transmitted, they should not be interceptable (I tend to agree with him). But then, why do companies have secure websites for the transmittal of card numbers. But then, I have never had anyone ask me for a credit card number to secure a reservation. Maybe you should ask yourself if you want to do business with someone who doesn't trust you.
I use my Capital One Visa. Since they automatically advise me anytime there is a foreign transaction I would know immediately if there was unauthorized use. I feel much more secure this way then giving any credit card to a restaurant server in the US who takes it away to transact the charge.
Larry - I have a couple of cards (one Visa one Mastercard) that I only use about once a year to keep them active. When planning a trip, I only use one of these cards to secure hotel reservations. If any charges show up, I know it's either incorrectly charged by the hotel or fraud. This way I minimize the potential issues with the couple of cards I use on a regular basis and pay off monthly. Most of the time I just send the card info. in one email. If the proprietor asks for it in two, then I send it in two. In the past 10 years, I have not had any problems with fraud stemming from my international reservations.
We prefer to use email only to arrange a time to place a telephone call to a hotel. We place a call by 7:00 a.m. our local (U.S.) time, and the calls are relatively inexpensive. Although early in the U.S. it is business hours in Europe. In our email to make an "appointment", we confirm that we can converse with an English-speaker at the hotel (I speak decent Spanish but we haven't traveled to Spain yet). In our phone call we confirm a reservation, discuss our room requests, confirm the cost, and provide the credit card number. We then alert our credit card issuer of the reservation and estimated cost. Although there is cost to the transatlantic telephone call, we treat that cost as equivalent to an inexpensive insurance premium to know that (1) our reservation is complete, (2) our credit card number is at little risk, and (3) we have minimized the risk of misunderstanding. We all know from experience that it is as easy, if not easier, for a misunderstanding to arise from an email as from a telephone call. With a phone call, we generally know of a communication problem immediately instead of when we arrive at the hotel. Larry, as you correctly noted in your post, the choice is whether to incur the cost of a transatlantic phone call. We believe that the cost of the call can be minimized and the cost is relatively small in comparison to the assurance that you should receive. Good luck with your decisions.
Lee - you have NEVER had anyone ask for your credit card number for a reservation? The U.S. hotels ask me all the time! Recent trips to Disney World, New York, Chicago and our upcoming trip to Paris & Provence - hotels big and small, all have asked and I have given without a problem. As to the safety of sending this info on unsecured email - as others have noted, the actual transmission of the email is not a problem and I have sent all info requested (now usually including the security code) in one email. My only problem recently was that my credit card company denied the charge because the charge was originating in France. Of course I had not yet called them to say I was traveling in France (because I wasn't) so when the hotelier contacted me I had to call to okay the charge.
I think Lee tends to stay in little mom and pop places that probably don't even TAKE credit cards. At the 3 places we're staying this summer, 2 needed credit cards, one is a mom and pop place, we just had to fill out a form and promise that we'd show up.
You're going to have to accept some level of risk, because it doesn't matter if you call, e-mail, or FAX your information, there's an easy way for bad guys to steal it if they wish to regardless of method used. I always use e-mail for inquiries but call (it's very cheap in 2011) to confirm credit card details. Language barrier can be a little tricky for tiny B&Bs or very small pensions, but I've always been able to get the information across. This isn't necessarily any more secure than any other method, but I just prefer speaking to a live body, and I like trying the local language. As for sending credit card details or other personally-identifiable information in regular e-mail (unsecured), it can be easily intercepted by a bad guy & your data is right there in text for anyone to read. There are lots of ways this can happen. There's nothing secure about digital data transmission, period. There are lots of encryption tools you could use, but the recipient would need to use decryption software on the other end – that's secure. Using a secure website is secure (https). Sending an e-mail is not secure, but many people do it and have never had their info compromised. Again, you just need to accept some risk. Use a credit card and never a debit card to limit your liability should your data be compromised. The only time I haven't had a lodging anywhere request a credit card number is when I'm a repeat customer, but it's quite rare. And I've experienced this only in small B&Bs when I know the owner - just did this last week in Toronto at a small 3 room B&B.
I have to disagree with Michael. The actual transmission of an email is nearly impossible to intercept. Otherwise why would the federal government spend millions to build a secret facility in San Franisco in an attempt to intercept emails if it was so simple? The only time an email is intact is at the beginning and ending servers. Inbetween it is broken into data packets sent via nearly random paths to the end server. IMO breaking into a couple of email may actually decrease the security at the end receiver because the number will have to be written down to recombine the numbers. Do not know why this generates so much discussion when everyone who has asked the question has on many occasions given their credit card to a waiter who has disappeared with it for an extended period of time. O' I forgot. We are going to Europe where everyone is a thief. My credit card has been compromised twice in the US and never in Europe.
Be it encrypted or unencrypted, the chances of an email being intercepted during it's actual transmission are astronomical. There are so many emails bouncing around the world every second that even the NSA's "supercomputers" supposedly have problems keeping up with the volume. You literally have a better chance at winning a million dollar lottery jackpot:) If an email were to be read it would be via a hacker obtaining your email password via a virus implanted in a computer, and simply logging into your email account. Thus sending two emails isn't any safer than one email.
Anytime you take your credit card out of your wallet there is risk. This is no worse than handing your credit card to a waiter who can write down your credit card info.
The trouble with a phone call is that you do not have the confirmation details in writing. I have only needed it once, when a small guesthouse in Germany tried to charge me for 3 nights instead of the 2 I confirmed in my booking. It was really good to have the copy of the email exchange to settle the dispute.
Lola: I always ask for a confirmation e-mail druing the call, which is typically sent. I agree that it's most likely never going to happen to a typical person at home in the suburbs, but consider someone using open public WiFi in a big city center somewhere (library, coffee shop, apartment building, or other) to send e-mail or access online bank accounts. A barely knowledgeable hacker with the right software sitting a few tables down could read every keystroke from your laptop and/or intercept e-mail messages if you're not using secure counter measures. They can establish fake WiFi networks that look legitimate – even smartphones are at risk. Then, they have your user IDs, passwords, account info, and anything else sent in e-mail. You just can't ignore these vulnerabilities...hacking costs hundreds of millions per year...it's big business. Still, I agree with Frank that this issue generates more discussion than it's probably worth. I say, call, e-mail, or FAX using your credit card and call it a day! :)
Karen, I'm only talking about Europe (Germany and Austria). Of course in the US I've been asked for a CC. And, Maureen is right, almost half of the places have been to are M&P "Privatzimmer". I don't think most most of those places take American CCs. I alway pay in cash. The only place I know of for sure that takes American credit cards is the *** lodge in the Harz; they say so on their website. Another place says they take EC cards (that's a European debit card, I think). Another place says if you want to pay by CC, book through booking.com. If you pay on the premises, it's cash only.