Payment methods
If you are integrating the Search, look and book flow, and wish to learn more about the available payment methods, keep reading.
Choosing the right payment method
The Demand API offers various payment options tailored to different business needs. Depending on your business model, specific methods may be more suitable than others.
→ Review the available methods by partner type to select the best configuration for your use case.
Available methods | Partner type | |
---|---|---|
✓ Virtual Credit Card (VCC) | Partners who are authorised to directly charge the traveller. Then pay Booking.com on behalf of the traveller. * Corporate partners can use VCC for their Online payments too. | |
✓ AirPlus VCC ✓ AirPlus integration for payment instructions ✓ Credit Card + MOTO | Corporate partners when paying online on behalf of their employees. Corporate partners paying at property with an authorisation form. Corporate partners when paying online on behalf of their employees. | |
✓ Credit card + Strong Customer Authentication (SCA) ✓ Credit Card (non SCA) ✓ Credit Card (non SCA) + Riskified | Partners who are not authorised to directly charge travellers and rely on Booking.com to charge travellers instead. |
Payment methods overview
Virtual credit cards (VCC)
A virtual credit cards (VCCs) offer a digital, disposable version of a physical card, providing additional security for online and card-not-present transactions.
- VCCs generate unique card numbers and expiration dates for each transaction, limiting access to pre-approved funds.
- This Online payment method allows partners from all regions handling payments on behalf of travellers.
However, to be able to use this payment method, partners must be able to generate their VCCs though AirPlus or via other providers.
Refer to the VCC use case for requirements, instructions and examples.
AirPlus virtual credit card (VCC)
AirPlus is a third-party Payment Service Provider that generates virtual credit cards (VCCs) on behalf of customers. This solution allows corporate travellers to book without worrying about payments, as the stays or travelling services will be paid with AirPlus-issued VCCs at a later stage.
- Demand API is integrated with AirPlus, enabling Corporate partners to use this method when paying online for business trips.
- This way, at the time of booking, Corporate partners can provide a 12-digit AirPlus number instead of a credit card number. Booking.com will then call the AirPlus API, to retrieve the generated VCC and use it to complete the reservation.
For more details about the AirPlus integration and examples explore the AirPlus VCC use case.
Payment instructions
This option is mainly used by Corporate partners when paying at the property.
When a Corporate partner makes a reservation on behalf of their employees using a virtual credit card (VCC) (either generated through the AirPlus integration or other providers) the property will require the payment to be made at the time of the guest's stay, typically upon arrival or departure.
However, not all properties are equipped to handle VCCs, as many are more familiar with credit card or cash payments.
Authorisation form
In such cases, our Demand API allows passing payment instructions on the requests. This is done via an authorisation form (auth form), which is issued per reservation, and contains the following:
Credit card details: type (Visa, Mastercard, etc.), number, card holder, etc.
A statement confirming that the VCC has been authorised by the corporate entity.
Payment instructions, outlining how the property should process the VCC.
Refer to the Payment instructions use case for further details and examples.
Applicable payment scenarios
VCCs are available to all partners, but they are particularly useful for:
- Partners authorised to pay on behalf of travellers
- Corporate partners for both online and on-property payments (via "Payment instructions").
Credit cards
Credit cards remain the most commonly used payment method, allowing partners to book prepaid rates via the Demand API.
The API supports a wide range of global and local cards to cater to travellers' preferences:
Global | Local | ||||||
---|---|---|---|---|---|---|---|
Access the full list of supported cards via the common/payments/cards endpoint.
Applicable payment scenarios
Credit cards are mainly used in the following scenarios:
- Partners not authorised to directly charge or pay on behalf of travellers.
- Regular travellers who use credit cards for payments or to secure bookings.
- Corporate travellers using mail or telephone orders (MOTO) for offline transactions.
Geographic considerations
The Demand API supports various authentication options to ensure compliance with regional regulations:
Credit card type | Travellers region |
---|---|
Credit card + Strong Customer Authentication (SCA) | Suitable for travellers from the European Economic Area (EEA). |
Credit Card (non SCA) Credit Card (non SCA) + Riskified | Ideal for travellers from the US. |
Credit Card + MOTO | Globally available for Corporate partners. |
Ensure you provide the correct authorisation level based on the region’s regulations. For example, European users may need SCA due to EU card requirements.
Credit card + Strong Customer Authentication (SCA)
Online payment method in which partners can book prepaid rates by charging guest credit cards through payments by booking using a SCA token via the API.
Strong Customer Authentication (SCA) compliance is required for European Economic Area EEA-based transactions.
- This requires a token from a Payment Service Provider (PSP), shared with Booking.com during the order/create request.
Refer to the CC SCA use case for more details about the flow, pre-requisites and instructions to construct your order when using this payment method.
Credit card (non SCA)
In some regions, like the US, credit cards do not need SCA. For enhanced security, third-party fraud protection is required.
- This is a method mainly used for travellers in the US.
Look at the CC non SCA use case for examples and instructions to define your order.
Credit card (non SCA) + Riskified
This is an Online payment method in which partners can book prepaid rates with travellers credit cards by sharing a Riskified session ID via the Demand API.
Riskified is a fraud screening solution that you can use to maintain low chargeback for processing credit card payments where authentication is not a legislative requirement.
Use this option to provide fraud detection support for non-SCA transactions.
You can only use this option if your partner agreement with Booking.com allows it, and you have Riskified as fraud solution. See all requirements and instructions in the use case
Credit card + MOTO payments
The MOTO is a type of credit card transaction made by telephone or email.
This Online payment (pay_online_now) method is mainly used by Corporate partners who can book prepaid rates by classifying their offline bookings as MOTO transactions in our Demand API.
Refer to the Corporate Partner use case for more details about the flow, pre-requisites and instructions to construct your order when using this payment method.
Check the supported payment methods
To know which payments methods are accepted by a property, use the following endpoints:
Type | Endpoint | Response | |
---|---|---|---|
Pay at the property | Run /accommodations/details | It returns the set of methods (payment cards and/or cash) that a property accepts when paying at the property at checkin date. | |
Online payment | Run /orders/preview | It returns the set of methods that a property accepts to secure the reservation:
|
- Learn about all the available Payment timings and schedules.
- Refer to the Payments quick guide for initial instructions on how to check available payment options.
- Explore the use cases section for examples and best practices when using different payment methods on your order requests.