Not every checkout is a real guest. StaySignals scores every booking and flags non-customer traffic — bots and bookings without real intent to stay. Real guests book without friction; the rest never reach fulfillment.
One <script> tag · one /risk call · live in minutes
continuously scoring real booking traffic under production load
real bookings processed, 3-yr cumulative
confirmed fraud reaching fulfillment across same period
signal taxonomy purpose-built for hotel booking fraud
Two integration points — a browser SDK and a server-to-server call — sit between your booking flow and your fulfillment. Both stay out of the real guest’s way.
A single script tag on your OTA site. The SDK silently collects device fingerprint, session shape, browser environment, and behavioral signals throughout the booking flow.
One <script>. No guest-facing UI. No impact on performance.
From your backend, right before you commit the reservation: post the booking context — StaySignals returns a score, a level, and a suggested action.
Server-to-server. Deterministic. Replayable.
Allow, challenge, or deny — or fold the score into your own downstream review. Your risk setting decides where the line sits, and every decision is logged for replay and review.
Your stack stays in control. StaySignals scores; your stack decides.
Everything you need to keep non-customer traffic out of fulfillment — and out of the refund cycles and transaction fees that every non-customer booking drags behind it.
Non-customer traffic in hotel bookings doesn't look like card fraud. It shows up in booker reputation, in how booker / guest / hotel cohere, in booking patterns that don't match a real customer, and in sessions run by bots rather than humans. Tuned for hotel bookings, not retrofitted from payments.
Each booking attribute is marked with the risk level observed on it. Reviewing a decision takes seconds, not minutes.
Pick Max protection, Balance, or Max revenue — tune the trade-off without redeploying.
A single script tag and one /risk call. No page-level friction, no complex integration.
Drop the browser SDK on your OTA site — it quietly collects device, session, and behavioral signals throughout the booking flow. Then, right before you commit the reservation, call /risk from your backend with the booking context. StaySignals returns a score, a level, and a suggested action.
The only script your site ever needs.
POST https://api.staysignals.com/v1/risk → headers X-StaySignals-Key: sk_<project>_… → body session: { id, ip } booker: { first_name, last_name, email, phone } guests: [{ first_name, last_name }] hotel: { name, address, country, … } booking: { check_in, check_out }{ "decision_id": "dec_2024_9847", "risk_score": 78, "risk_level": "high", "suggested_action": "deny", "risk_setting": "balance", "decided_at": "2024-11-14T14:02:11Z"}“Decades on the supply side — a certain amount of non-customer traffic in the booking mix has always been part of the job, something you just live with. StaySignals has genuinely moved that for us. Fewer refund cycles, less noise reaching our commits, and the cleanest booking-quality read we’ve ever had.”
“You can feel a partner’s trust layer by how often our ops team has to step in. With StaySignals upstream of us, that part has quietly stopped being a conversation. Inventory stays committed, cancellation noise dropped off, cleanup load on our side is down.”
“We had the /risk call shipped in one afternoon, scoring real traffic the same day — and refund cycles dropped off quickly after that.”
Start free. Then pay per decision returned — not per SDK install, not per seat. Scale with your booking volume.
Try StaySignals on live traffic. Full SDK, full /risk API, full decision log. No card required.
Pay per booking we score. Priced on decisions — not on seats, not on SDK installs.
Everything in Free, plus
Above 100k decisions per month. Volume pricing, dedicated onboarding, and a direct line into your booking-ops workflow.
Everything in Usage, plus
Generic platforms are retrofitted from payments — they know cards, not hotels. Non-customer traffic in hotel bookings shows up differently: in booker reputation, in how booker / guest / hotel cohere, in booking patterns that don’t match a real customer, and in sessions run by bots rather than humans. StaySignals is tuned on hospitality, not on cards.
No fraud system is perfect — some real guests will always look close enough to the patterns we flag. Which side you lean on is the risk setting. Before you move a preset into production, shadow-mode lets you watch StaySignals score real traffic without enforcing, and the replay panel shows projected impact on allow / challenge / deny volume under the new setting. Any tightening of the line happens with full visibility, not as a surprise.
More than the fraud loss. Every non-customer booking commits a real transaction downstream, and when the booker cancels, the refund cycle burns transaction fees (such as payment processor fees and provider booking-cancel fees) plus ops time. StaySignals scores the booking before it commits, so non-customer traffic never becomes a transaction to refund in the first place.
The SDK auto-collects device-level signals in the browser session. At booking, your backend posts the booking context to /v1/risk. StaySignals stitches the two and returns a score, level, and suggested action.
Per decision returned. SDK installs, member seats, and dashboard access are unmetered. You pay for the bookings we actually score — so cost scales with booking volume, not seats.