Payment methods
If you are implementing a Search, look and book integration, and want to learn about the available payment methods keep reading.
Choosing the right payment method
The Demand API offers various payment options tailored to different business needs. Depending on your business model, specific methods may be more suitable than others.
→ Review the available methods by partner type to select the best configuration for your use case.
Available methods | Partner type | |
|---|---|---|
| ✓ Virtual Credit Card (VCC) | Partners who are authorised to directly charge the traveller. Then pay Booking.com on behalf of the traveller. Corporate partners can use VCC for their Online payments. |   |
| ✓ AirPlus VCC ✓ AirPlus integration for payment instructions ✓ Credit Card + MOTO | Corporate partners when paying online on behalf of their employees. Corporate partners paying at property with an authorisation form. Corporate partners when paying online on behalf of their employees. | |
| ✓ Credit card + Strong Customer Authentication (SCA) ✓ Credit Card (non SCA) ✓ Credit Card (non SCA) + Riskified | Partners who are not authorised to directly charge travellers and rely on Booking.com to charge travellers instead. |  |
Payment methods overview
Virtual credit cards (VCC)
A virtual credit cards (VCCs) offer a digital, disposable version of a physical card, providing additional security for online and card-not-present transactions.
- VCCs generate unique card numbers and expiration dates for each transaction, limiting access to pre-approved funds.
- This Online payment method allows partners from all regions handling payments on behalf of travellers.
However, to be able to use this payment method, partners need to be able to generate their VCC either via AirPlus or by other providers.
Refer to the VCC use case for requirements, instructions and examples.
AirPlus virtual credit card (VCC)
AirPlus is an external payment service provider that generates virtual credit cards (VCCs) on behalf of customers. This solution allows business travellers to make their bookings without worrying about paying for their stays, as those will be paid with AirPlus-issued VCCs later on.
- Demand API is integrated with AirPlus, so our Corporate partners can use this method when paying online for business trips.
- This way, at booking time, Corporate partners can pass, instead of a credit card number, a 12-digit AirPlus number. Booking.com calls the AirPlus API, gets the number of the VCC generated, and uses that to make the reservation.
For more details about the AirPlus integration and examples explore the AirPlus VCC use case.
Payment instructions
This option is mainly used by Corporate partners when paying at the property.
When a Corporate partner makes a reservation on behalf of their employees using a virtual credit card (VCC) (either generated via the AirPlus integration or by other providers) the property needs the payment to be complete during the guest's stay, typically at arrival or departure.
However, not all properties are prepared to deal with VCCs and most of them are more familiar with credit card or cash payments.
For these cases, our Demand API allows passing payment instructions on the requests. This is an authorisation form (auth form), that is issued per reservation, and contains:
- Credit card details: type (Visa, Mastercard, etc.), number, card holder, etc.
- A statement saying that the VCC has been authorised by the corporate company.
- A list of payment instructions, explaining the property how to charge the VCC.
Example of generated authorisation form: 
Look at Payment instructions use case for more details and examples.
Applicable payment scenarios
The use of Virtual credit cards is available to all partners. However, this is particularly useful for:
- Partners authorised to pay on behalf of travellers
- Corporate partners for both online and on-property payments (via "Payment instructions").
Credit cards
Credit cards are the most common payment method, enabling partners to book prepaid rates via the Demand API.
The API supports a variety of global and local cards to accommodate traveller preferences:
Global | Local | ||||||
|---|---|---|---|---|---|---|---|
 |  |  |  |  |  |  |  |
Access the full list of supported cards via the common/payments/cards endpoint.
Applicable payment scenarios
Credit cards are mainly used in the following scenarios:
- Partners not authorised to directly charge or pay on behalf of travellers.
- Regular travellers who use credit cards for payments or to secure bookings.
- Corporate travellers using mail or telephone orders (MOTO) for offline transactions.
Geographic considerations
The Demand API supports various authentication options to ensure compliance with regional regulations:
Credit card type | Travellers region |
|---|---|
| Credit card + Strong Customer Authentication (SCA) | Suitable for travellers from the European Economic Area (EEA). |
| Credit Card (non SCA) Credit Card (non SCA) + Riskified | Ideal for travellers from the US. |
| Credit Card + MOTO | Globally available for Corporate partners. |
Ensure you provide the correct authorisation level based on the region’s regulations. For example, European users may need SCA due to EU card requirements.
Credit card + Strong Customer Authentication (SCA)
Strong Customer Authentication (SCA) compliance is required for European Economic Area EEA-based transactions.
- This requires a token from a Payment Service Provider (PSP), shared with Booking.com during the order/create request.
Refer to the CC SCA use case for more details about the flow, pre-requisites and instructions to construct your order when using this payment method.
Credit card (non SCA)
In some regions, like the US, credit cards do not need SCA. For enhanced security, third-party fraud protection is required.
- This is a method mainly used for travellers in the US.
Look at the CC non SCA use case for examples and instructions to define your order.
Credit card (non SCA) + Riskified
This is an Online payment method in which partners can book prepaid rates with travellers credit cards by sharing a Riskified session ID via the Demand API.
Riskified is a fraud screening solution that you can use to maintain low chargeback for processing credit card payments where authentication is not a legislative requirement.
Use this option to provide fraud detection support for non-SCA transactions.
You can only use this option if your partner agreement with Booking.com allows it, and you have Riskified as fraud solution. See all requirements and instructions in the use case
Credit card + MOTO payments
The MOTO is a type of credit card transaction made by telephone or email.
This Online payment (pay_online_now) method is mainly used by Corporate partners who can book prepaid rates by classifying their offline bookings as MOTO transactions in our Demand API.
Refer to the Corporate Partner use case for more details about the flow, pre-requisites and instructions to construct your order when using this payment method.
Check the supported payment methods
To know which payments methods are accepted by a property, use the following endpoints:
Type | Endpoint | Response | |
|---|---|---|---|
 | Pay at the property | Run /accommodations/details | It returns the set of methods (payment cards and/or cash) that a property accepts when paying at the property at checkin date. |
 | Online payment | Run /orders/preview | It returns the set of methods that a property accepts to secure the reservation:
|
- Learn about all the available Payment timings and schedules.
- Refer to the Payments quick guide for initial instructions on how to check available payment options.
- Explore the use cases section for examples and best practices when using different payment methods on your order requests.