NEW SECURITY FEATURE – Multi Factor Authentication

Protecting your freetobook account is critical to your business and is one of our top priorities. Almost half of businesses (46%) in the UK report having cyber security breaches or attacks in the last 12 months according to the annual report from the UK Government on cyber security breaches for 2020. Our new security features help to protect you from the likelihood of a major phishing attack and serve as a major deterrent.

What is Phishing? It’s the most common way for hackers to get access to your account. How do they do this? By pretending to be someone else (up to 81% of all cyber security breaches are now phishing attacks).

For example, they will send you an email that looks like it’s from someone else such as your bank, freetobook or your email provider. In that email they’ll ask you to follow a link to page that looks familiar to you and then ask you do something like login or provide some password information.
Every business is a target for a phishing attack because they’re looking for information they can use to steal money.

Phishing emails often include these things:
1) Urgency – they create a sense of urgency so that you react before looking more closely i.e. “Account suspended – Log in now” or they say you need to log in to fix, pay or agree something urgently.
2) Offers – these sound interesting or enticing, this could involve getting more business or some “easy” money i.e. we have a group reservation request waiting.
3) Errors, spelling or grammatical errors – the language, tone or layout may look different, unusual or even suspicious.

Our Solution – Multi Factor Authentication (MFA):

What is MFA? Simply put, MFA creates an extra layer security by requiring the user (you) to provide at least two pieces of evidence to prove their identity.  This barrier prevents potential fraudsters from gaining access to your account and also acts as MAJOR DETERRENT.

We are now asking you to set up an extra stage (layer) of security at the login process to your account. There are 3 options –  Questions – Email Code – Authentication App. Choose 2 of these to set up your MFA.

Once set up, you will only be required to complete one of these methods during a login if we detect you are logging in using new device or browser.

We have added this new MFA security feature in the SECURITY tab in your account which draws together existing security features in your account (Password/Password Changes/Security Levels).

Here at freetobook we are constantly rolling out new software features to ensure you have all the tools you need to help run your business effectively and successfully.

Your B & B Business and SCA

New Payment Security Measures that WILL Affect Your Business

freetobook secure

SCA (Strong Customer Authentication) measures have now come into force as part of the Payment Services Directive II (PSD 2), a European law that all UK banks will be using (and yes this will remain in effect despite Brexit) to prevent fraud.

What does this mean?

Overall these measures will significantly improve the security of payments. Sadly Some of the OTAs have misrepresented the situation for their own gain. It is important to note that SCA ONLY applies to cards typed in online by the customer, all other card transactions are exempt so you can continue payments in exactly the same way you did prior to SCA.

What’s ’strong’ about it?

The ’strong’ in ’Strong Customer Authentication’ means that the person using the card online has passed at least two of three ’proof points’ confirming they’re the owner of the account.

Those three proof points are:

  • Knowledge (knowing Password or PIN)
  • Possession (having their card or phone with them)
  • Inherence (being able to prove their identity through fingerprint or facial recognition).
Direct bookings via your website’s booking engine:

These are relatively straightforward, at the point of booking online the card issuing bank will now ask your guest for 2 of the 3 security points so you will be certain the payment was made by the owner of the card. Stripe and FabPay will take SCA details and confirm the identity of the card holder for you.

Channel bookings from Online Travel Agents (OTAs):

Where you get the customer’s card from the OTA this will be exempt from SCA. Any payments you take from the card will be Card Not Present (CNP) or Mail Order Telephone Order (MOTO). These transactions are treated by the banks in the same way as they were before SCA so there is no change at all.

In the same way as channel bookings, payments where you type the card into a terminal or virtual terminal don’t fall under the new SCA measures as they are a Card Not Present (CNP) or Mail Order Telephone Order (MOTO) payments, that is to say they are exempt from SCA. These transactions are treated by the banks in the same way as they were before so there is no change.

Here at freetobook we offer property owners a number of secure payment options including Stripe and FabPay all of which are 100% SCA compliant for all types of payment.