Requiring a chipped CC?

Old Jan 19, 21, 7:27 am
  #1  
FlyerTalk Evangelist
Original Poster
 
Join Date: Sep 2002
Location: Chicagoland, IL, USA
Programs: WN CP, Hilton Diamond
Posts: 14,047
Requiring a chipped CC?

Looking at a night at the Hyatt Wacker Chicago. I see this on their page:

CREDIT CARD USERS: All credit cards must have a chip and name on the card...”

Not that it affects me particularly, but is a chipped CC a common requirement at Hyatts?
toomanybooks is offline  
Old Jan 19, 21, 8:02 am
  #2  
 
Join Date: Sep 2019
Location: YYZ / NYC
Programs: AC E35K, DL GM, UA PS , Hyatt Glob., Marriott Gold. , Hilton Dia.
Posts: 74
My guess is that this particular location disabled swiping once the EMV (chip) standard came about in the US.
A little backstory: EMV standard was introduced worldwide a long time ago, but in around 2015 the CC processors had enough of the higher rates of fraud found with swipe only, that they forced merchants (like this hyatt site) to play with new rules. The biggest rule change was that the burden of having a fraudulent charge was now the burden of the merchant to pay for if the CC was swiped. With EMV transactions banks would still cover the charge. Most retailers with big-ticket items will generally go down this path - e.g. Best Buy. On a side note: CC skimmers generally skim the magnetic stripe vs. cloning the chip.

People would still swipe cards since it was baked into our psyche, but over time merchants would upgrade to the "insert card" CC terminals and as a step further they may also tell their processor "no swipe" as a method of CC entry.
homegrowned is offline  
Old Jan 19, 21, 10:23 am
  #3  
 
Join Date: Jul 1999
Programs: QF WP, AA EXP
Posts: 3,206
Now if hotels can get finally get away from handling your credit card at check-in, and allowing you to insert your own card in a terminal at the counter, or better yet using a contactless card/device. The whole concept of not allowing the merchant to handle the card helps prevent card data theft by an unscrupulous employee. But old habits die hard.

I've been to so many hotels (not just Hyatt) that have counter top terminals, yet the clerk still wants to paw at your card and not even use the terminal.
TravisMT81 and Pocatello like this.
SNA_Flyer is offline  
Old Jan 19, 21, 2:35 pm
  #4  
Four Seasons Contributor BadgeHyatt Contributor Badge
 
Join Date: Mar 2013
Location: Parts Unknown
Posts: 7,337
They're standard here in South Korea.
Aventine is offline  
Old Jan 19, 21, 2:54 pm
  #5  
 
Join Date: May 2007
Location: LAX
Programs: UA 1K, Hyatt Globalist
Posts: 2,932
Originally Posted by SNA_Flyer View Post
Now if hotels can get finally get away from handling your credit card at check-in, and allowing you to insert your own card in a terminal at the counter, or better yet using a contactless card/device. The whole concept of not allowing the merchant to handle the card helps prevent card data theft by an unscrupulous employee. But old habits die hard.

I've been to so many hotels (not just Hyatt) that have counter top terminals, yet the clerk still wants to paw at your card and not even use the terminal.
Over the past couple of years, I've experienced more hotels asking me to insert my own card at a counter-top terminal (I mostly stay at Hyatts, both domestic and international). This practice does run counter to my usual habit of plopping down my ID and credit card on the counter, but I'll happily adjust if it means better security.
dkc192 is offline  
Old Jan 19, 21, 4:21 pm
  #6  
 
Join Date: May 2002
Location: Arizona
Posts: 4,888
Originally Posted by Aventine View Post
They're standard here in South Korea.
Yep they EMV has been standard almost everywhere in the world besides the USA for years prior. It makes you wonder who lobbied so hard to keep the mag stripe going so long. Its sad because we all pay for fraud in higher fees
Centurion is offline  
Old Jan 19, 21, 10:38 pm
  #7  
FlyerTalk Evangelist
 
Join Date: Jul 2005
Location: Seat 2A
Programs: AA EXP LT GLD 1MM, BA GLD, NH/UA*G, Hyatt Dia, Marr Tit LT PLT, IHG Spire,HH Dia, MGM NOIR,Hertz PC
Posts: 10,468
Originally Posted by Centurion View Post
Yep they EMV has been standard almost everywhere in the world besides the USA for years prior. It makes you wonder who lobbied so hard to keep the mag stripe going so long. Its sad because we all pay for fraud in higher fees
How does a chip vs magnet stripe prevent fraud? Unless there is a pin code attached to it it means absolutely nothing.
skywalkerLAX is offline  
Old Jan 19, 21, 11:14 pm
  #8  
 
Join Date: Feb 2011
Posts: 1,127
Originally Posted by skywalkerLAX View Post
How does a chip vs magnet stripe prevent fraud? Unless there is a pin code attached to it it means absolutely nothing.
The chip is a live circuit that generates new/different codes for each transaction (I believe using a challenge-response to a code provided by the terminal); unlike skimming the static data on the mag stripe, the code captured from the chip on one transation does no good in the next transaction. So the terminal passing on a valid code from the chip proves that you are using the original physical card. Doesn't protect against the card being stolen (which a PIN would), but a LOT of credit card fraud is from mag-stripes being cloned onto fake cards and swiped.
jmastron is online now  
Old Jan 20, 21, 3:52 am
  #9  
Moderator: Manufactured Spending
 
Join Date: Jul 2011
Posts: 6,127
Originally Posted by homegrowned View Post
My guess is that this particular location disabled swiping once the EMV (chip) standard came about in the US.
A little backstory: EMV standard was introduced worldwide a long time ago, but in around 2015 the CC processors had enough of the higher rates of fraud found with swipe only, that they forced merchants (like this hyatt site) to play with new rules. The biggest rule change was that the burden of having a fraudulent charge was now the burden of the merchant to pay for if the CC was swiped. With EMV transactions banks would still cover the charge. Most retailers with big-ticket items will generally go down this path - e.g. Best Buy. On a side note: CC skimmers generally skim the magnetic stripe vs. cloning the chip.
My understanding is that the merchant is liable for fraud only if the card has chip capabilities but the merchant doesn't. If the card only has a magnetic stripe, then the bank is responsible for fraud as they failed to provide an EMV chip.

With that said, I doubt any fraudsters are going to use stolen/cloned credit cards at a hotel where they have to provide ID and there are cameras everywhere.

My guess is that this rule is meant to disallow prepaid cards, Visa gift cards, and the like. A "real" credit/debit card will almost universally have a chip these days.
cbn42 is online now  
Old Jan 20, 21, 7:20 am
  #10  
FlyerTalk Evangelist
 
Join Date: Jul 2005
Location: Seat 2A
Programs: AA EXP LT GLD 1MM, BA GLD, NH/UA*G, Hyatt Dia, Marr Tit LT PLT, IHG Spire,HH Dia, MGM NOIR,Hertz PC
Posts: 10,468
Originally Posted by jmastron View Post
The chip is a live circuit that generates new/different codes for each transaction (I believe using a challenge-response to a code provided by the terminal); unlike skimming the static data on the mag stripe, the code captured from the chip on one transation does no good in the next transaction. So the terminal passing on a valid code from the chip proves that you are using the original physical card. Doesn't protect against the card being stolen (which a PIN would), but a LOT of credit card fraud is from mag-stripes being cloned onto fake cards and swiped.
Honestly the majority of CC fraud these days is through data hacks and leaks. I can't remember how many times I had my cards replaced in the last 3-4 years after the more prominent leaks such as British Airways.
skywalkerLAX is offline  
Old Jan 21, 21, 12:19 pm
  #11  
 
Join Date: Apr 2004
Posts: 126
1) The hotel bears all liability for fraud for swiped transactions so by disallowing swipes they are removing all fraud liability and chargebacks

2) In most cases, if you are inserting your card into a hard reader (like an Ingenico device), you and the hotel are benefitting from "Point to Point Encryption" (P2PE.) An encryption public key is embedded into the hardware of the device, and the decryption private key is only held by the credit card brand -- its not on the device and the hotel doesn't have it either. Can't lose a credit card to fraud if you never possess it. It simplifies the hotel credit card compliance program and improves safety for the customer
mreplus is offline  
Old Jan 21, 21, 11:06 pm
  #12  
A FlyerTalk Posting Legend
 
Join Date: Sep 2009
Location: Minneapolis: DL DM charter 2.3MM
Programs: A3*Gold, SPG Plat, HyattDiamond, MarriottPP, LHW exAccess, ICI, Raffles Amb, NW PE MM, TWA Gold MM
Posts: 92,711
Doesn't the requirement to have a name (presumably the name of the hotel guest who is attempting to check in versus Mickey Mouse) on the credit card require the hotel employee to see/handle the credit card?

From the viewpoint of a guest, having to insert a card and then sign on the screen with the special pen requires the guest to touch items and surfaces that have been touched by many previous hotel guests, so it doesn't help to prevent the spread of COVID-19. [In some many merchants, I can at least sign with my pinkie knuckle rather than handling the special pen and most other merchants allow me to wave/touch the terminal with my credit card rather than fiddle to insert it.]
MSPeconomist is offline  
Old Jan 22, 21, 5:04 am
  #13  
FlyerTalk Evangelist
 
Join Date: Jul 2005
Location: Seat 2A
Programs: AA EXP LT GLD 1MM, BA GLD, NH/UA*G, Hyatt Dia, Marr Tit LT PLT, IHG Spire,HH Dia, MGM NOIR,Hertz PC
Posts: 10,468
Originally Posted by mreplus View Post
1) The hotel bears all liability for fraud for swiped transactions so by disallowing swipes they are removing all fraud liability and chargebacks.
That's definitely not correct. They might remove some liability by adding an extra security layer but certainly not all. There can be multiple reasons of fraud and resulting chargebacks.
skywalkerLAX is offline  

Thread Tools
Search this Thread
Search Engine: