TL;DR: Travel booking fraud rises where high-value, pre-paid transactions meet weak, isolated checks, and SumSub’s whitepaper argues that a risk-based approach can help calibrate verification to user and action risk while preserving conversion. The governance lesson is that travel platforms need controls that reduce fraud without turning away genuine travelers.
NHIMG editorial — based on content published by SumSub: Risk-based verification in travel booking
Questions worth separating out
Q: How should travel platforms balance fraud prevention with booking conversion?
A: Travel platforms should calibrate verification to the risk of each action rather than applying the same controls everywhere.
Q: Why do isolated fraud checks fail in travel booking journeys?
A: Isolated checks fail because they do not connect the full sequence of user actions.
Q: How do teams know if risk-based verification is working?
A: Teams should measure fraud loss, chargebacks, completion rate, and abandonment after verification changes.
Practitioner guidance
- Map controls to journey stages Separate browsing, account creation, payment instrument changes, and final booking into distinct risk points so controls can be tuned to the loss potential at each step.
- Correlate identity and transaction signals Combine behavioural, payment, and account-risk indicators before deciding on step-up verification, rather than treating each signal as an isolated gate.
- Measure fraud and abandonment together Track confirmed fraud, chargebacks, completion rate, and drop-off after verification so control changes can be judged against both security and revenue outcomes.
What's in the full article
SumSub's full whitepaper covers the operational detail this post intentionally leaves for the source:
- A step-by-step view of where fraud enters the travel journey and which control points are most exposed.
- A provider-selection checklist for travel teams that need to compare verification approaches against their use case.
- Practical guidance on calibrating verification by user type, booking value, and action risk.
- A fuller discussion of how trust, safety, fraud, and risk functions can align on a single control model.
👉 Read SumSub's whitepaper on risk-based verification across the travel journey →
Travel booking fraud and friction: what controls actually protect revenue?
Explore further
Travel booking fraud is a control-calibration problem, not just a detection problem. The article points to a familiar pattern in consumer identity systems: strong checks reduce abuse, but coarse checks damage conversion. In travel, that trade-off becomes visible faster because the transaction value is high and the abandonment cost is immediate. The field should treat fraud prevention as part of identity governance, not as a separate bolt-on risk function. Practitioners need controls that are measured by both loss reduction and customer retention.
A few things that frame the scale:
- 79% of organisations have experienced secrets leaks, with 77% of these incidents resulting in tangible damage, according to Ultimate Guide to NHIs.
- 91.6% of secrets remain valid five days after the targeted organisation is notified, showing a critical gap in remediation procedures.
A question worth separating out:
Q: What should trust and safety teams review before adding more booking friction?
A: They should review whether the added friction is tied to a specific risk event, such as a payment change or abnormal booking pattern. If the control is not linked to a higher-risk action, it is more likely to hurt genuine customers than stop fraud. Proportionate controls perform better than blanket challenge logic.
👉 Read our full editorial: Risk-based verification in travel booking: balancing fraud and friction