With so much travel now being booked online – and through a variety of channels – the opportunity for hotels to increase sales is getting bigger all the time. However, it also creates challenges in making sure customer payment data is protected and that no breach occurs at the hands of hackers or fraudsters.
The vast majority of security compromise (91%) occurs at point-of-sale systems and is most often Card Not Present (CNP) fraud. CNP accounted for 78%, over $400 million, of all card fraud in Australia throughout 2016.
Because CNP transactions are so prevalent in the travel industry and much information is exchanged between hotel and customer, it’s important to know when you might be at risk and how to prevent any data breaches from happening. Since guests expect a hotel to be a safe place to escape to, even a single instance of failing to protect a customer’s data could have huge ramifications on your reputation and finances.
Here’s what to look out for:
It’s common for fraudsters to contact you in a panic, wanting to rush to set up their accommodation.
It’s important you don’t get flustered. Take the adequate time to verify their credit card, passport details, and other relevant documents to make sure they’re genuinely are who they say they are.
Take the adequate time to verify credit cards, passport details, and other relevant documents to make sure people genuinely are who they say they are.
Click to tweet
It makes sense to be more cautious of people who haven’t booked with you before. With regular customers you can build a relationship and learn their purchase habits.
Be aware of a first-time customer who contacts you online to make a large purchase. Collect all the necessary verification information. For greater security, adopt a payment solution that is designed to capture transaction data in an intelligent manner.
These days many fraudsters have become adept at hiding their true location and stopping themselves being tracked.
If you do have suspicions about a customer, do everything you can to verify their legitimacy, including calling and emailing them to collect data and confirm their identity.
One of the biggest warnings that everything is not what it seems is when someone wants to use different addresses for billing and shipping, which may not apply as strongly to hotels but is very relevant for the travel industry in general.
Look into technology that’s advanced enough to help you identify if different addresses provided by the customer are linked to legitimate addresses, like their home or work.
5 best practices for keeping your hotel data secure:
- Use systems that can secure your customer’s cards
You need to utilise a system that can send and receive card authorisation digitally and store it all securely in one place.
- Inform all managers and employees of company policies
Every employee should know the policies at your hotel regarding compliance and safe handling of customer information. They all should be trained on the software you use and have a consistent process to follow each time a purchase is made.
- Protect your POS systems
Make a point of investing in the latest cyber security tools including encryption, anti-virus software, and firewalls to safeguard against POS attacks and other malware hackers may target you with.
- Comply with PCI security
The PCI Security Standards Council fights hotel credit card fraud by maintaining global payment card industry standards. Ensure your hotel is committed to PCI compliance.
- Vet third parties
Your hotel may often deal with airlines, car rental companies, retail organisations, hotel technology providers, and other suppliers. Make sure all these partners – which become access points – are committed to information security best practices just like you.