Direct Booking Chargebacks: How STR Hosts Can Protect Their Revenue

You Are the Merchant of Record

When a guest books directly through your website and you process the payment through Stripe, Square, or PayPal, you are the Merchant of Record (MOR). This means:

• The charge appears on the guest's statement under your business name
• When a dispute is filed, it comes to you (through your processor)
• You submit evidence directly — no intermediary deciding what to include
• You see the exact reason code and the bank's specific requirements
• You control the timeline and can track the dispute in real time

This is fundamentally different from OTA bookings, where the platform manages the dispute and you have limited visibility or control.

Payment Processors for STR Hosts

Stripe is the most popular processor for direct-booking STR hosts. Stripe's dispute dashboard shows you the reason code, the response deadline, and exactly what evidence to upload. Stripe also supports Radar (fraud detection), 3D Secure authentication, and automated evidence suggestion.

Square works well for hosts who also take in-person payments (e.g., for pet fees, late checkout charges). Square's dispute process is simpler but less customizable than Stripe's.

PayPal is common but has significant limitations for dispute management. PayPal's resolution process is separate from the card network's dispute process, adding complexity. Many hosts avoid PayPal for high-value bookings because of this.

VRBO's Split Model

VRBO (Vrbo) uses a split payment model that depends on your payment processor setup:

• If VRBO processes the payment (the default for most hosts), VRBO is the merchant of record. Chargeback handling is similar to Airbnb's model.
• If you use your own processor (available in some configurations), you are the merchant of record and handle disputes directly.

Check your VRBO payment settings to understand which model applies to you. If VRBO is the MOR, you face similar transparency limitations as with Airbnb.

What Evidence to Collect for Every Direct Booking

For direct bookings, you have full control over what evidence you capture. Here's the minimum you should collect:

1. Identity Verification

• Government-issued photo ID (drivers license or passport)
• Match the ID name to the credit card name
• Store a copy securely (encrypted, auto-deleted after the dispute window closes)

2. Signed Rental Agreement

• Digital signature on your rental agreement and house rules
• Include cancellation policy, damage policy, and total charges
• Timestamp the signature

3. Check-In Verification

• OTP code sent to the guest's phone number (proves they have access to the phone associated with the booking)
• Geolocation capture (proves they're at the property)
• IP address and device fingerprint (ties the verification to a specific device)

4. Cancellation Policy Acknowledgment

• Separate, explicit acknowledgment of the cancellation policy
• Not buried in fine print — clearly presented and accepted

5. Stay Documentation

• Smart lock or keypad access logs
• Security camera footage of arrivals/departures (common areas only)
• Any guest communications during the stay

How to Submit Evidence Through Stripe

When a dispute is filed on Stripe:

1. You'll receive an email and dashboard notification with the dispute details.
2. Navigate to Payments → Disputes in your Stripe Dashboard.
3. Click on the specific dispute to see the reason code and deadline.
4. Upload your evidence as a PDF. Include:

- A cover letter summarizing why the charge is valid

- Booking confirmation with guest details

- Check-in verification evidence (OTP, geolocation, IP)

- Signed rental agreement

- Folio showing the charges

- Any guest communication

1. Submit before the deadline (typically 21 days after notification).

Stripe also offers automated evidence suggestions — if you've connected your booking data, Stripe can pre-populate some evidence fields.

Setting Up Fraud Prevention for Direct Bookings

AVS (Address Verification Service): Verify that the billing address provided by the guest matches the address on file with the card issuer. Decline transactions where AVS doesn't match.

CVV verification: Always require the card's security code. Never store CVV data.

3D Secure (3DS): Enable 3D Secure for all transactions. When a guest completes 3DS authentication (the bank's verification step during payment), liability for fraud chargebacks shifts to the card issuer. This is the single most effective fraud prevention tool available.

Stripe Radar: If you're on Stripe, enable Radar for fraud detection. Radar uses machine learning to flag suspicious transactions before they're processed.

Velocity checks: Be wary of multiple booking attempts from the same IP with different cards, or bookings made with cards from a different country than the guest's stated location.

Why the Extra Effort Pays Off

Direct bookings require more setup than OTA bookings, but the benefits compound:

• Lower fees: No 15-20% OTA commission. Even after processor fees (2.9% + $0.30 on Stripe), you keep significantly more revenue.
• Full dispute control: You see every detail, submit evidence directly, and track outcomes.
• Guest data ownership: Build a database of past guests for repeat marketing and CE 3.0 evidence matching.
• No platform risk: OTA policy changes (like Airbnb's chargeback liability shift) don't affect your direct bookings.
• Better evidence matching: When guests book directly multiple times, you accumulate the IP and device data needed for Visa's Compelling Evidence 3.0 framework.