toomanybooks

Looking at a night at the Hyatt Wacker Chicago. I see this on their page:

”CREDIT CARD USERS: All credit cards must have a chip and name on the card...”

Not that it affects me particularly, but is a chipped CC a common requirement at Hyatts?

homegrowned

My guess is that this particular location disabled swiping once the EMV (chip) standard came about in the US.
A little backstory: EMV standard was introduced worldwide a long time ago, but in around 2015 the CC processors had enough of the higher rates of fraud found with swipe only, that they forced merchants (like this hyatt site) to play with new rules. The biggest rule change was that the burden of having a fraudulent charge was now the burden of the merchant to pay for if the CC was swiped. With EMV transactions banks would still cover the charge. Most retailers with big-ticket items will generally go down this path - e.g. Best Buy. On a side note: CC skimmers generally skim the magnetic stripe vs. cloning the chip.

People would still swipe cards since it was baked into our psyche, but over time merchants would upgrade to the "insert card" CC terminals and as a step further they may also tell their processor "no swipe" as a method of CC entry.

SNA_Flyer

Now if hotels can get finally get away from handling your credit card at check-in, and allowing you to insert your own card in a terminal at the counter, or better yet using a contactless card/device. The whole concept of not allowing the merchant to handle the card helps prevent card data theft by an unscrupulous employee. But old habits die hard.

I've been to so many hotels (not just Hyatt) that have counter top terminals, yet the clerk still wants to paw at your card and not even use the terminal.

Aventine

They're standard here in South Korea.

dkc192

Over the past couple of years, I've experienced more hotels asking me to insert my own card at a counter-top terminal (I mostly stay at Hyatts, both domestic and international). This practice does run counter to my usual habit of plopping down my ID and credit card on the counter, but I'll happily adjust if it means better security.

Centurion

Yep they EMV has been standard almost everywhere in the world besides the USA for years prior. It makes you wonder who lobbied so hard to keep the mag stripe going so long. Its sad because we all pay for fraud in higher fees

skywalkerLAX

How does a chip vs magnet stripe prevent fraud? Unless there is a pin code attached to it it means absolutely nothing.

jmastron

The chip is a live circuit that generates new/different codes for each transaction (I believe using a challenge-response to a code provided by the terminal); unlike skimming the static data on the mag stripe, the code captured from the chip on one transation does no good in the next transaction. So the terminal passing on a valid code from the chip proves that you are using the original physical card. Doesn't protect against the card being stolen (which a PIN would), but a LOT of credit card fraud is from mag-stripes being cloned onto fake cards and swiped.

cbn42

My understanding is that the merchant is liable for fraud only if the card has chip capabilities but the merchant doesn't. If the card only has a magnetic stripe, then the bank is responsible for fraud as they failed to provide an EMV chip.

With that said, I doubt any fraudsters are going to use stolen/cloned credit cards at a hotel where they have to provide ID and there are cameras everywhere.

My guess is that this rule is meant to disallow prepaid cards, Visa gift cards, and the like. A "real" credit/debit card will almost universally have a chip these days.

skywalkerLAX

Honestly the majority of CC fraud these days is through data hacks and leaks. I can't remember how many times I had my cards replaced in the last 3-4 years after the more prominent leaks such as British Airways.

mreplus

1) The hotel bears all liability for fraud for swiped transactions so by disallowing swipes they are removing all fraud liability and chargebacks

2) In most cases, if you are inserting your card into a hard reader (like an Ingenico device), you and the hotel are benefitting from "Point to Point Encryption" (P2PE.) An encryption public key is embedded into the hardware of the device, and the decryption private key is only held by the credit card brand -- its not on the device and the hotel doesn't have it either. Can't lose a credit card to fraud if you never possess it. It simplifies the hotel credit card compliance program and improves safety for the customer

MSPeconomist

Doesn't the requirement to have a name (presumably the name of the hotel guest who is attempting to check in versus Mickey Mouse) on the credit card require the hotel employee to see/handle the credit card?

From the viewpoint of a guest, having to insert a card and then sign on the screen with the special pen requires the guest to touch items and surfaces that have been touched by many previous hotel guests, so it doesn't help to prevent the spread of COVID-19. [In some many merchants, I can at least sign with my pinkie knuckle rather than handling the special pen and most other merchants allow me to wave/touch the terminal with my credit card rather than fiddle to insert it.]

skywalkerLAX

That's definitely not correct. They might remove some liability by adding an extra security layer but certainly not all. There can be multiple reasons of fraud and resulting chargebacks.