Please sign in to post.

Sending Credit Card Details by E-Mail

I have heard conflicting opinions on whether this is risky. (The possibility of the e-mail being viewed by the bad guys who scan cyberspace for credit card numbers). So I have never done it; I print the details and send by fax, which costs a few $$ and extra time. Is that really necesary or helpful? Or should I send the e-mail but divide the number into 2 sections and send in 2 separate e-mails?

Posted by
23622 posts

This has been discussed many times. An email is many times safer than a fax. The actual TRANSMISSION of the email is totally security. It is what happens after the number arrives at the other computer - the human element. If it is going to be taken it will be taken by someone in the hotel or who hacks the hotel computer. Even if you send a fax, they put the number in the computer and what do they do with the fax paper - throw in the trash. Splitting into two email goes provide an additional margin but the gain is so small that it is not worth the effort. I have sent dozens of number via email with never a problem.

Posted by
655 posts

I guess we've been lucky. We do send our cc details over the internet. In approx ten years we've only ever had one problem and that had to do with an internet cafe. The bank cancelled the transaction. They caught it before we did. We do not send our debit card info at all. We monitor the cc online often and carefully. My guess is that these details are more likely to be compromised in restaurants, shops, etc.

Posted by
23622 posts

If you want to add another level of security use an infrequently used credit card for that purpose. That way if that card is compromised it can be quickly canceled and not affect your other cards. We made all of our reservations with this card and either pay cash when we arrive or used a different card.

Posted by
171 posts

Lola: Up until very recently I was never asked by the owners of small B+Bs I stayed in to send credit card info to hold the room, so this year, when this happened, I felt, like you, alittle uneasy about it. But I'd read other posts that assured me it was safe, so I sent my number to the B+B where I'm staying in Venice. Several weeks later, I recieved another email from her asking about my reservation, if I still wanted the room. So, did she not get the first email/CC#? I re-sent it, but I am still uneasy about what happened to the first email and/or why she needed it again. I did get a confirmation of my reservation after the first email, so I assumed at that time she had my CC#. I would definately follow up with an email confirming that they recieved your reservation and CC#.

Posted by
2876 posts

Because of consumer protection laws, your liability for fraudulent use of your credit card is limited to $50, so I wouldn't worry.

Posted by
9371 posts

I don't worry about sending CC numbers through email, either. You're much more at risk of fraudulent activity when you hand your card to a waiter in a restaurant and they take it to the register (or wherever) to process. My sister was once called by her CC issuer, telling her that her card was being fraudulently used in NJ (we live in IL) before she even left the restaurant where she was eating!

Posted by
17400 posts

Thanks everyone. I was aware this has been discussed before, but I haven't seen anything recently, and I wondered if there were any updates or new thoughts on this. The place I am booking is a small B&B in the UK. They don't have reservations on the website so I am booking by e=mail After reading your thoughts here I went ahead and sent the information by email instead of faxing it. I used one of my minor CC's and I'll monitor it for any unauthorized charges. Never had a problem yet in 20 years of traveling overseas almost yearly, using CC's and ATM machines, but it's hard to keep up with the scams and thieves so I just thought I check.

Posted by
10595 posts

When I have to send CC info for a reservation I break the number up in two separate emails. So far, so good...

Posted by
32349 posts

Lola, I'm also a bit reluctant to send credit card information via E-mail, but unfortunately it's often the easiest way to book Hotels in Europe. A couple of times in the past, I've split the information into two E-mails but don't really feel that provides much better protection. After all, if an unscrupulous employee has access to the first E-mail, they'll also have access to the second one. Transmitting information via FAX has the same weakness. Although credit card information sent via "secured" websites (those with the "https" at the beginning) is fairly safe, when the information arrives at the destination it's often accessible by employees that work at the Hotel. In arranging my trip this year, I also had to submit a photocopy of my Passport, which really made me nervous. However, so far no problems have resulted. Cheers!

Posted by
23622 posts

Technically a direct phone provides the same level of security as a fax. Most credit card fraud is done the old fashion way -- someone physically copies the number or finds it on a discard piece of paper. Why is that so few people think twice about handing a credit card to a waiter who walks away to process it but worries about sending it over the internet??

Posted by
2193 posts

There's an element of risk no matter how you share your personal data. If you decide to e-mail this information to the hotel and if you feel reasonably confident that they're trustworthy, you could send more than one message with information split between two or more e-mails. It doesn't add any real security, but it's also not very likely that each message will be sent/received through the same servers. You could also type out the numbers (i.e. six) instead of using digits (i.e. 6), but Information Security people will tell you that sending personal data via regular e-mail (without encryption or secure servers) is not at all secure. Some people mistake digital data transmission for security. There's also the human element already mentioned...who's writing your number down, where are they writing/typing it, etc. Small hotels/B&Bs just aren't going to have a secure reservation website or system like Marriott (i.e. sans humans). I always phone the hotel directly after settling on a lodging via e-mail, but this has risks, too. You're going to need to select a method you're comfortable with, but just know that there's risk, even with e-mail. Just because a few people have never had a problem doesn't make sending personal information via regular e-mail secure. Just Google this stuff & read up. Good luck, and have a great trip!

Posted by
1895 posts

I only use my Capital One card for travel. As Frank suggested a few posts back, use a infrequently used card...that's my Cap One. I got it just for the fact that they charge fewer fees for international transactions. I use my Cap One card for deposits, and I email the number, it's just easier. I have a fax, but not a number with international capabilities. Now, it will take me YEARS to ever earn a free flight on this card, but that's what my United Mileage Plus card is for.
The Cap One card is in my safe until I need it for travel 1x a year, then I use it exclusively on my trip and use my United Mileage Plus card as back up. When I get home, all my charges are in one place, easy to check.

Posted by
158 posts

this question reminds me of the old folks that used to come into the bank that wouldn't want to get online banking access because of "identity theft" but had no qualms writing checks for everything.

Posted by
17400 posts

Matthew, are you calling me old??? ;) I asked the question because I was told by a family member exactly what Michael just confirmed: "Information Security people will tell you that sending personal data via regular e-mail (without encryption or secure servers) is not at all secure." Apparently the risk is in the transmission itself, in addition to whatever may happen with the paper copy at the other end. But I decided to go ahead and send it because of the other reassurances regarding credit card fraud: if someone does copy the number and try to use it, I can challenge the charge with my bank. Also, the CC I used is not my "main" one, and I can easily monitor it. Finally, my main "personal details", like address, birthdate, etc. are nowhere in that messages. In this case, I could have picked up the phone and called, but my last phone call to Europe (for Accademia reservations) cost $12.00. I actually tried the "splitting the number into 2 messages" method for a B&B in Spain for this same trip. Unfortunately their reply confirmation linked both messages and contained the whole number. So much for that idea. But your point about the checks is well-taken. Anyone to whom you write a check has your bank account number. But without a lot of the other information, this number is useless for fraud purposes.

Posted by
158 posts

Lola, i have no idea how old you are. aren't we all super attractive, 21-year-old genius millionaires on the internet? a suggestion for calling europe. i use skype, or pennytalk using my regular phone. most european land lines are $.02/minute via penny talk. you can do the same with skype, but you may not have the computer set up for it with a mic and everything.

Posted by
446 posts

Frank says: "The actual TRANSMISSION of the email is totally security." Security gurus will tell you that this is not true, and they are right. Most email is sent in plain text. You would have to use PGP encryption, or an encrypted email service such as HushMail, to send an email that is totally secure. Regardless, the risk that your plain text email will be intercepted by someone is actually very small. Still, many hotels provide secure websites with encryption for making reservations. This is mainly to make their customers feel more comfortable. I agree the main risk is on the other end, with hotel employees who may be careless with your credit card information. But, that can happen with faxes, or even over the phone.

Posted by
12313 posts

I'm less worried about the email getting intercepted than I am that an email can be forwarded to anyone (or everyone). There is also a risk (but I think slight) that emails could be hacked into - think climate scientists. The best rule I've heard for email is don't put anything in an email you wouldn't want to see on the front page of a newspaper - my credit card information isn't something I would want printed in the newspaper.

Posted by
81 posts

Even when I recently made hotel reservations, both hotels asked me to call or said they could call me for the credit card number. Neither wanted me to send it via email.

Posted by
8 posts

My mother paid a hotel bill after a stay of one week. The receptionist read out the numbers of her credit card as he was entering them into the computer. Later that month when her statement arrived she discovered many items bought via internet that were not her transactions. She had been concerned at the time that this quy had read her numbers aloud, and it was eventually proven that a colleague had been writing the information down to be used later.

Posted by
17400 posts

Well, I already sent it in by e-mail based on the reassurances in the first six posts here. Subsequent posts confirmed my fears that it can be risky, but apparently the risk is minimal, expecially in light of all the other ways our CC numbers can get passed around. I'll just monitor the card frequently and report back if anything suspicious happens. (In all my years of travel, some 20 trips to Europe, plus lots of restaurants, hotels, etc. in the US, I've never had a problem, so I'm not really expecting any.)

Posted by
850 posts

Keep in mind what Tom wrote in his post. You have a limited liability with the credit card. The point about using a lesser used credit card sounds good but if you reserve a rental car and plan on using the cdw of the credit card just make sure you use the same credit card for all charges associated with the rental company. Otherwise the cdw would not be valid. You didn't mention anything about renting a car and probably was aware of this but it may be worth mentioning for someone's benefit.

Posted by
252 posts

Do B&Bs and smaller hotels actually check the validity of the CC number? I suspect it's more of a scare tactic for us to keep our reservations. If anyone is planning a trip right now, transpose a number or two and see what happens then report back here.

Posted by
2787 posts

I am planning a trip now for next summer and I would no more think of transposing numbers on any CC #s that I might have to send in 3 e-mails than I would not paying for a traffic ticket that I got in Europe. What if the innkeeper keeps the CC # to bill you with later? Not good karma.

Posted by
1167 posts

I just tried to use my Capital One Visa to make a reservation in Spain and immediately got a notification from Cap One that a foreign charge was being made. Seems pretty safe to me.

Posted by
2193 posts

Otter: Several years ago, a small hotel in Rothenburg odT ran the credit card the day before we arrived...I had given the manager the requisite information months earlier when making the reservation. Anyway, they had transposed a number when writing it down initially, so their attempt to validate the day before arrival was not successful. What did it mean for me? They cancelled the reservation, rebooked the room, and sold out the hotel. They did send an e-mail, but we had already been in Europe for a couple of weeks, and I wasn't checking e-mail. Needless to say, I was disappointed when we arrived late in the evening and learned about all of this. It worked out okay in the end...the manager walked us to a brand new apartment style hotel lodging across the street...ended up with a fantastic lodging that was cheaper than the original hotel. Throw in a great restaurant and beer garden out back, and everything was cool. Although I always bring a copy of the e-mail confirmation to confirm dates/rates upon arrival, it wasn't helpful in this case. It did help me once in Paris, however, with making sure the hotel charged the agreed-upon rate...they tried billing me at a higher rate but agreed to the lower rate when I produced the confirmation.

Posted by
23622 posts

It has been reported by other posters here that sometimes a hotel will run the credit card for 1E just to check the validity of the card. Probably because in the past they have been stung by bad cards. For some reason we only want to think that the hotel people are potentially bad guys when some of us are just as bad. It is a two way street.

Posted by
446 posts

Michael writes: "Several years ago, a small hotel in Rothenburg odT ran the credit card the day before we arrived...they had transposed a number when writing it down initially, so their attempt to validate the day before arrival was not successful...They canceled the reservation..." That happened to me once, in Carmel, California, but the outcome was not as fortunate. I had booked a room to attend the Carmel Bach Festival, and when I arrived, the motel said they had canceled my reservation and given the room to another person because for some reason my credit card didn't work. They never bothered to try to contact me about the problem. They did call around to other motels and finally got me a room, but at double the price of their establishment. Because it was during the Bach Festival, practically every room in town was sold out.

Posted by
529 posts

I learned the 2 parts/2 e-mail trick from a vendor who suggested it to me a few years ago (can't remember if it was for a product or a reservation or something else). Put some time between the two emails. I've used that method several times since, tho not always. Don't really know if that is making my info any safer, but I like the idea that a hacker (which is often a software app snuck into your system as part of something else you download) can't get all the info at once. Though I can't say that software hasn't caught up with that trick. Though others have pointed out that your liability is typically limited to $50 when using the credit card, the real risk is that CC info can be used to get other info about you and grow into ID theft. And even if you are lucky and limited to the $50 exposure, it's still a major hassle to report and fight the expense. Trust me on this. So, although emailing your info is at least as safe as any other means, like anything else it is not foolproof. You should use discretion and use any means available to reduce the risk that exists with any form of transfer of secure information. I agree with others that a fax is no safer than email. But don't lose sleep over it.

Posted by
53 posts

I recently got fraudulant activity in the past month and some originated from paris. the only thing I could guess it happened was because I sent my credit card information by email in three different attachment segments. So I would say NO don't email. This was my first time ever emailing credit card info and I had over $3000 charges on my credit card but luckily my credit card company picked it up and denied all the charges.

Posted by
23622 posts

First, check your dates. You are responding to a question that is over two years old. Second, if you credit card was comprised it was not because it was sent via email. Email is extremely secure. It was comprised because someone at the other end after receiving the email did something with your number. That can happen if you called, spent a fax, or emailed the number. Once it is in someone else computer system, which it will be with a reservation, then all bets for any security are off.

Posted by
527 posts

When I have rented apartments in Vienna or booking with email at other places who do not have a secure site I always let them know I am sending my CC info in 2 different emails. Never had any problems with that.

Posted by
17400 posts

This is a very old post almost 2.5 years. Since asking the question, we have sent CC datails many times, sometimes broken into two emails, sometimes not. How reckless is that? Honestly, I don't think it matters. I will say that in all the time that has passed since I wrote this, the one and only time our card has been compromised was within hours after we handed it to a waiter at a highly acclaimed Seattle restaurant. Fortunately our CC bank caught the suspicious activity and called us right away.

Posted by
570 posts

I haven't had any problems in the past, but last week there was a charge of $24.49 for Skype from Luxembourg on my Cap One MasterCard. (This is the card I use only when traveling in Europe.) I called and they cancelled the card and issued a new one. The ONLY things I've used it for lately were two hotel reservations via email, one in Haarlem and one in Binz, Germany for September.
Now the issue is, if they try to charge the old card before I arrive, it won't work. So.....I guess I have to let them know the new card number.....but I really don't want to send it in another email. Arrgghh!!

Posted by
2829 posts

Sending CC numbers is risky. I refuse to do it, even it means passing on a specific accommodation offer (do they want my business? then act like a 2013 establishment, not a 1983 one).

Posted by
3580 posts

Cap-One credit card company is good about catching fraudulent charges. Twice, I got calls from them regarding suspicious attempted charges in Europe (after I had returned home.) In both instances, I had used the card only at UK hotels, not in e-mails. I've sent credit card info via e-mail by dividing the number over two e-mails, and had no problem with fraud. I think the fraud comes from hotel employees. No proof, just a guess. I pay in cash most of the time for all my hotels and purchases in Europe.

Posted by
5 posts

What I've done in the past is use Photoshop (or some other image editor) and typed my CC info in there. Turn the whole thing into an image and attach that to your email. Don't mention the words credit card in the body of your email. Just say "here's the info you requested."

Posted by
9371 posts

Alex, most people and places would be leery of opening an attachment with a vague notation like that.

Posted by
518 posts

I have sent my credit card information via e-mail numerous times without issue. Each time we go though, more and more of the smaller places have online reservations available than the trip before. This year out of a month's trip, I made e-mail reservations for less than a week. The rest were online. I made one reservation by phone in Wales with a B&B that is cash only. He finally said, "Oh, this is too much trouble. Just come. You will show up."

Posted by
5 posts

I don't see why Nancy. A jpg file is a jpg file. It cannot contain any virus. I'd get what you are saying if it was compressed and contained in a zip file, but a raw .jpg file cannot be executed in any way.

Posted by
1525 posts

General truths in life; 1) Anything printed on a piece of paper is more dangerous than displayed on a computer screen. 2) There must be something like 2-10 BILLION credit card numbers in circulation right now. Your numbers are not that special. 3) Your card issuer has a vested interest and is very good at finding improper uses when it happens. Your liability is usually quite low. 4) Improper use leaves a trail. Most petty thieves know this. 5) We are far, far, less interesting to other people than we think we are. Email the numbers. We have done it dozens of times.