Industry  |  2 July 2018  |  Mews  |  4 minute read

Security First with Online Payments

Back to blog home
  • Share this article

Quick read

- Stay ahead of increasingly intelligent hackers by moving your PMS to the cloud.
- Slash chargebacks and drastically reduce the risk of card fraud by leveraging best-in-class payment security technology such as tokenization and AI fraud detection provided by a payment gateway like Stripe.
- Switch on automated online payments so you can sleep easy at night.



Let’s get things out of the way from the off - these days using an online payment solution is just as secure, if not more secure, than traditional payment solutions like ubiquitous payment terminals. It goes without saying that, if your business is run through a local server, it is shockingly easy to hack into and the implications of such a breach could put you out of business. The cloud can serve as a safe haven against such breaches by leveraging some of the best security technology and software out there.

Furthermore, chargebacks and card fraud are a perennial pest to hospitality businesses and, in contrast to old fashioned and vulnerable manual payment terminals, advanced and nimble online payment gateways are the solutions making genuine progress in protecting businesses from bleeding away precious booking dollars to fraudsters.

To be clear - cyber security is no laughing matter for the hospitality industry. Criminals are finding innovative ways to steal credit card information from unsuspecting sources. The recent breaches at Mandarin Oriental, Starwood and Hyatt are all cases in point. The Mandarin Oriental group are currently weathering a 5 year notice period and are in serious danger of getting thrown out of the entire Visa and Mastercard networks. If it can happen to large chains who are already pouring money into cyber security efforts then it can happen to anyone.


Protect yourself and your guests

Those chains spending all that money on trying to protect themselves have an innate weak point related to their legacy structures - almost all do not use a cloud-based PMS, which would allow them to run a truly online payment solution.


Once a property opts for a cloud-based PMS, it immediately tilts the security odds in their favour as they can get access to best-in-class payment gateways with some of the most advanced protection technology. Once the transition is made, the next, and most crucial step, is to switch on the online payment feature within the system. Think of it like a big button that, once pressed, immediately launches an armada of the most hardcore security features available to mankind.

Switching on

Despite the clear benefits, the majority of hotels who have already taken the leap into cloud-based property management systems have yet to press that button and automate their online payments. It’s akin to buying the latest iPhone and only ever using it as a paper weight...well, not quite, but you get the gist.

Why aren’t hoteliers switching on online payments? Many are simply unaware of the feature and its benefits and old habits do die hard. But, for most, there are three fallacies that persist.


1. It's more expensive.

2. It's less secure.

3. It's detrimental to the guest experience.



We appreciate that any new technology takes time to get adopted so we feel the best way to champion the case for automating online payments is to take a look at those who have already made the leap and underline how they have never looked back. Companies like Uber and Amazon have enjoyed the benefits of offering automated online payments for several years and now hotels like Amsterdam’s slick Hotel2Stay and London’s quirky The Good Hotel have also started processing all of their payments online.

Introducing the Mews Merchant - how it works

So we decided to build a modern payment solution to deal with these threats and it’s called the Mews Merchant. It’s a payment gateway that makes it possible to charge credit cards online without terminals. Technically, it processes what are known as ‘Card not Present’ transactions but it’s effectively an e-commerce platform.


Mews Merchant


The guest provides their credit card details just once at the moment they book and the card gets stored (securely) on the guest profile in the Mews PMS. The hotel can then charge the card or create a pre-authorisation on the card at any moment between the time of booking and check out. Again, it’s no different to how your Uber or Amazon account works...

The Merchant is unique in that it runs using a best-in-class payment gateway called Stripe, whose steeled defences afford you and your guests the kind of payment protection that would make Fort Knox envious. These defences come in the form of tokenization of payments, unprecedented levels of fraud detection and PCI compliance.

Slashing chargebacks and card fraud

Credit card fraud is stymied by using an extra layer provided via the Stripe Radar platform and caters to the unique nature of how cards are used when travelling.



In fact, Stripe has become arguably the best payment gateway at identifying legitimate transactions from the dodgy ones. Their latest Radar 2.0 product allows large businesses to take their fraud protections into their own hands with one feature particularly worth highlighting called ‘Radar for Fraud Teams’, which helps businesses reduce fraud by an additional 25 percent, a significant amount when you consider that the cost of card fraud tends to be taken on the chin by businesses in the form of lost inventory and the savage costs of chargebacks. Michael Manapat, Engineering Manager for Radar at Stripe put it best:


“Stripe’s machine learning models are now trained on hundreds of billions of individual data points drawn from the Stripe network. We’ve used these data points to update our fraud models, helping businesses on Stripe more accurately identify fraudsters and reduce fraud rates by up to 25% while still keeping payment acceptance rates high. With Radar for Fraud Teams, we’re launching tooling for teams fighting fraud, particularly those of our larger users, giving them the granular controls to more effectively and efficiently manage fraud.”


Curious? learn more about Radar for Fraud Teams.


As hackers get bolder and find ever more devious ways to hack into weak local servers and as credit card fraud and chargebacks increasingly eat into the profits of hospitality businesses, our industry must fight back by seeking protection in the cloud and leveraging the formidable technology of payment gateways like Stripe. The cost savings over the short, medium and long term cannot be under stated and only by switching on automated online payments will we all (and our bottom lines) be able to rest easy at night.




Mews profile picture


2 July 2018

Similar articles