Please sign in to post.

Sending credit card info through email

I will be attending a conference outside Paris in September and there is a list of recommended hotels. I have chosen one of them based on price, rating on booking.com, and distance from conference. All is good but now I am being asked to send my credit card information to reserve the room. I asked if there was an alternative way to reserve but the request was just repeated.

I think the university has negotiated for special rates for the conference which is why we were told to contact the hotels directly (and the emails were provided). But still I am not so keen on providing credit card information in an email.

Is this a common practice? Should I be concerned?

Posted by
7312 posts

It is reasonably common practice, I've done it a few times, but my preference would be to give them the number over the phone (if you have a way to call overseas). Less risk of the number falling into the wrong hands (which is a low risk to start with).

Posted by
2016 posts

It is fairly common for smaller hotels or b&b's that do not have their own website booking facility. I have never had a problem although it does always make me a little uncomfortable. I do send the numbers in more than one email, although I am not sure that mitigates the risk much. You could also call and give it to them directly. Have you asked the person at the university who arranged the special rate if this was their expectation?

Posted by
2817 posts

The hotel doesn’t have a web site although some others do. I haven’t asked conference organizers about emailing credit card but we were instructed to contact the hotels by email.

I have thought of calling but wondered about language difficulties. I don’t speak French. Email has all been in English.

The price is much higher on booking.com.

Posted by
803 posts

I've vowed never to do it again. In over 4 decades of credit card usage I've never had any of them compromised until last August. I received a call from Visa asking me to verify some unusual account activity within the US. Is it a coincidence that the previous week I had sent the credit card information split into 3 emails to a very tiny hotel in Italy? The credit card number was split into 3 emails sent on 2 different days with a 3rd email containing the security code and expiry date.

I've discovered that nearly every hotel will have someone who can understand my English in a phone conversation and if necessary my Italian. It's easy to set up international calling with reasonable rates.

Here's the advice I obtained at the time: "Email providers such as Google and Yahoo, however, have started encrypting user emails. So, you may want to consider one of these email providers. If you don’t have encrypted email, the risk can be quite high. Email is the primary tool hackers use to get personal identification data through hacking, spoofing, and eavesdropping."

I'm sure that my email was encrypted.

In any case there was no financial impact but it is tedious changing the credit card in Paypal and other locations.

Added note: this card was never used for restaurant purchases - only Paypal transactions.

https://lendedu.com/blog/risks-of-sending-credit-card-information-via-email-fax-text-mail

Posted by
6604 posts

I have sent cc info quite a few times now by email. Don't love it, but weren't many alternatives. NEVER had a problem. Plus, my credit cards have many safeguards. I sometimes get annoyed with the "fraud alerts" and the alerts about charges from Europe when I'm planning a trip. Then I think about what the monitoring does for me and I'm good with it. I've had some compromises with my cards but never related to any of my travels and the company has been prompt to remedy them.

Posted by
8341 posts

A few years ago, I booked tours with a South American company (based in Chile) for tours in Argentina and Chile. They didn't accept PayPal and wanted a deposit paid up front.

What I did was send one email with a portion of my credit card information, then the next day, sent the rest of the information. That may have minimized any risk.
Now that company accepts PayPal (went back this year for another trip to SA), so no more issues.

Posted by
2817 posts

Well, just corresponded with conference organizer who said hotel was one of their partner hotels and that was their policy.

So guess I will join the don’t love it, but will do it anyway.

It is hard to know always how credit cards are compromised. I once was in the Grand Canyon with my credit card and fraud alert contacted me about the card being used in Michigan!

Thanks for the feedback. I feel a bit better knowing it isn’t just this hotel.

Posted by
17566 posts

The most common way your credit card is compromised is by handing it to a waiter at a restaurant in the US, where they disappear with it to run it through the machine and then return with the bill for you to sign. This has happened to us twice, both times at “nice” restaurants in Seattle.

Posted by
1625 posts

I always use a credit card with a VERY low limit on it, usually $500-$1,500 to book these kind of rooms then once there give them my main travel (points) credit card. No impact on me if it is compromised because it's a card I don't use often, the thieves will soon find out it's a dud with a low limit.

Posted by
2787 posts

In my 16 yearly trips to Europe, I have occasionally been asked to provide a credit card number as a deposit for something. Every time I have told the requesting party that I would be sending them the information in two emails. I then split the cc # in half and send it that way. I have never had a problem doing that.

Posted by
1321 posts

You can see if you CC offers the safecard option. Also see if you can send the information in separate emails if possible even from different email addresses. I've never had a problem much as I worry. I was hacked using the Oslo Card site which one would assume is encrypted.

Posted by
9110 posts

At the end of the day there is no way of securely sending CC data, which is why you are protected from fraudulent activity. You just have to take a leap of faith. Even big companies with their big IT departments get CC details hacked. Sending CC numbers in two separate emails or by phone doesn't protect you from a dishonest employee from simply writing down your details on a piece of paper and selling it to a criminal group.

Posted by
15040 posts

How about telling the bartender here in the US that you want to run a tab on drinks ordered and he takes away your credit card for that purpose?

.

Posted by
5837 posts

Sending you credit card info is safe in terms of your liability. That said, a compromised credit card account is a significant inconvenience, especially if your account is suspended while traveling.

https://www.consumer.ftc.gov/articles/0213-lost-or-stolen-credit-atm-and-debit-cards

The Fair Credit Billing Act (FCBA) and the Electronic Fund Transfer
Act (EFTA) offer protection if your credit, ATM, or debit cards are
lost or stolen.

Credit Card Loss or Fraudulent Charges

Under the FCBA, your liability for unauthorized use of your credit
card tops out at $50. However, if you report the loss before your
credit card is used, the FCBA says you are not responsible for any
charges you didn’t authorize. If your credit card number is stolen,
but not the card, you are not liable for unauthorized use
.

Posted by
6604 posts

Capital One is the latest company to be hacked. Credit card info isn't 100 % secure, ever. I'm not overly concerned about sending my info via email though I might consider adding another cc with a very low limit as Letizia described.

Posted by
4535 posts

DougSpindler's post is filled with inaccuracies. First and foremost: US law protects credit and debit card users from fraudulent use. You are not responsible for more than $50 of charges, and I have never heard of a bank charging even the $50. It does not matter where the fraud occurred. While using a debit card puts you at risk of your bank account being drained temporarily, the same protections apply.

The Capital One breach was not a case of fraudulent use. Someone stole data and reports are that it was not even used, just stolen. Most major retailers have been hacked at some point, consequently, everytime you use your CC at Target or Home Depot, etc.., you run the risk of your card being hacked.

Certainly emailing a card number is more risky than average, but hackers would generally have to already have access to your account or the hotel's. It is not unheard of, but extremely rare. You could be hit by a bus walking across the street too. I do recommend carefully noting the email address of any request for payment. Hackers, when they do work, will often change the email address ever so slightly. Make sure it matches the email you know is correct. Splitting emails in two is worthless - if the system was hacked, the hackers would still get both emails.

Posted by
5687 posts

Here's why it's too risky to email your credit card info: you never know who has access to the hotel's email account. What if it's a Gmail account or a webmail account? (You can't always tell - I use Gmail but I don't use a gmail dot com address.) That means lots of people could have the password; hackers might have hacked into it from anywhere in the world. Someone who used to work there might have access.

It's easy to imagine that a hotel that doesn't even have its own website wouldn't exactly have the most tech-savvy people who would know how to avoid phishing attacks or have a secure email account.

Just call the hotel and read them your credit card info over the phone. Having them write it down is more secure than emailing it to them and have people all over the world have access to it. Ask if they use WhatsApp so you can call them for free; if not, at worst you can install Skype and put $10 credit on it and call them that way on their phone number.

Posted by
15040 posts

Those occasions where I booked on-line in the last 10 years on reserving a 2 or 3 star hotel or a hostel in Vienna, France and Germany using my credit card as the payment method, I had to indicate the entire account number which I did and, sometimes, even the CVS number too, I had no problems at all.

The transactions always went through, and definitely no problems at check-in either. Admittedly, I was wary the first time about indicating the CVS #, but any concerns proved groundless.

A couple of times I did call the hotel up directly in Vienna because i wanted to talk to a person in the "Rezeption" to make the reservation, bargain on the room rate, etc still ended up giving the credit card details the guy asked for.

Then there are the small hotels in Germany, such as my 2 star Pension in Berlin, where you can just call them up to reserve, ie, take care of all the details over the phone, and they ask you for nothing, ie no credit card to hold the room. Send them afterwards a confirmation letter by e-mail or by air mail which had better be written in German. I do both as a matter of courtesy. Obviously, no credit card is asked for since the Pension only accepts cash as payment, nothing else. They take your word you will show up.

Posted by
685 posts

Just a few days ago we too were requested to send our CC# for a Paris hotel. We decided we were not comfortable doing that, so my husband emailed the hotel saying we would call them and wanted to know when it would be convenient.
When he did call, the person with whom he had been corresponding answered. The call took less than a minute. I don’t think it will be expensive,, but huge peace of mind.