Recently, AHA (Vic) was informed of fraudulent activities by customers in member hotels using handheld EFTPOS terminals. This may occur when a handheld terminal is passed by a staff member to a customer to enter their personal identification number (PIN) and the opportunistic customer in fact manually enters a stolen credit card number.
After consulting with several of our commercial EFTPOS partners we suggest making sure all staff members have visibility of the EFTPOS terminal at all times and to be mindful of the time taken to enter a PIN (this really should only take a few seconds)
If you allow manual transactions at your hotel, you may also wish to implement a policy that stipulates if a manual transaction is required that staff enter in the numbers not the customer and possibly request a form of ID. This way you can confirm card numbers and names before processing the transaction.
You may seek further advice from your EFTPOS provider in order to reduce the incidence of fraud.
Senior Manager – Membership and Industry Engagement
Australian Hotel Association (Victoria)