So I guess I am three years and one global pandemic late to the party here, but...this seems like the most relevant thread I can find for my inquiry via combination of google and FT forum search. Am heading on my (U.S. citizen) first trip to Europe (beginning in the UK) since 2020 and received an email regarding my first upcoming stay (points redemption). It stated very clear language "Your bank may require you to authenticate this transaction. Use the link you received...". However, I did not receive any emails from their 3rd-party vendor, and the further information on the Hilton website is useless (You may live in a place where you may have to do something, maybe). Does anyone have any guidance here - are stays at risk because they cannot pre-auth a card for what would presumably just be incidentals on a points redemption anyhow? Seems like they are using needlessly strong language if not.