Safe and Secure Transactions are Critical in a Contactless World
Credit card hackers are using the coronavirus pandemic as an opportunity to target more online transactions and, because hotel businesses have traditionally been a hot target for hackers, it’s never been more important to ensure your guest data remains safe.
According to Yahoo! Finance, attempted debit and credit fraud transactions rose 35% in April from a year earlier.
While the hotel industry has stepped up its efforts to make data security a top strategic goal over the last few years, is it doing enough? When was the last time your company audited its own practices to ensure compliance?
If you haven’t, consider the cost of not doing so. Hotels are contractually obliged to comply with PCI guidelines as per merchant agreements, but many are dropping the ball on the simplest of security components. Fines for breaches that result from non-compliance can be severe, ranging from $5,000 to $500,000. What’s more, banks and processors have been successfully filing for compensation from hotels after breaches.
How do you avoid that dreaded call from your bank? Here are three things that you can add to your PCI compliance strategy that hoteliers often overlook.
1. Verify that partners are PCI compliant
While PCI compliance encompasses many parts of a hotel, much of it is covered by the property management system and networking vendor. Check with your technology vendors to make sure the solutions you have running at your property are up to par. Blind trust isn’t a virtue here. If your vendors aren’t compliant, you could be the one holding the bill should a breach take place.
Understand the difference between PCI Compliance levels and work with partners who are at least Level 1 compliant, meaning they participate in yearly on-site reviews by an internal auditor and a required network scan by an approved scanning vendor.
2. Ensure credit card information is secure
How does your company acquire and store credit card authorization forms? If your hotel is still using paper or PDF versions for third-party authorizations, sales contracts and other forms, you are not PCI compliant and your company is at risk.
A secure, digital solution can bring you into compliance and help to manage that risk. Ease of use for your customers is another benefit of such a system. No longer will they need to fill out paper forms, sign, scan, and email or fax back to you. Then, you won’t need to find ways to store these paper files that are then left vulnerable for anyone to see. Ask yourself: What’s more secure — a binder filled with credit card numbers and personal information locked away in a filing cabinet, or a password-protected system that only certain employees have access to?
3. Implement password policies — and make sure employees follow them
Many vulnerabilities happen simply because employees set weak passwords — the reason cited for 63% of all breaches, according to Verizon’s Data Breach Investigations Report. To set your company up for success, you need to execute a strong policy that requires employees to change their passwords after a few months. Then, multi-factor authentication adds another layer of protection. This system requires more than one method of authentication to verify someone’s identity for login purposes. Those could include fingerprints, facial recognition, codes and the like.
Of course, rules are meaningless unless they are followed. As a leader, it’s your job to be certain that policies are being followed as written. Consider conducting an audit throughout the year to ensure all procedures are enforced. A little time now can save you a lot of money and heartache in the long run.
Interested in learning more?
How To Improve the Hotel Guest Experience
In the hospitality industry, a hotel guest’s experience is the single most important factor in determining whether or not they will become a repeat customer.Read More
The Technology Solutions Luxury Hotels Should Embrace To Augment the Guest Experience
Luxury hotels have lagged behind the technology curve for too long. However, it doesn’t have to be this way. The past few years have seen a constant stream of technology innovations that have made it easier than ever for hotels to operate in the digital age.Read More
How To Create a Hotel Guest Policy That Works for You & Your Guests
While the hotel guest policy is a dry subject, it’s important, nonetheless. The good thing is that doing it properly once means you don’t have to worry about it until you significantly change something about your services.Read More
10 Popular Upselling Examples for Hotels
The types of amenities and services a hotel operator chooses to upsell can depend on a variety of factors, but there are some near universal upsell options for hoteliers looking to boost ancillary revenue.Read More
8 Smart Hotel Technology Solutions That Improve the Guest Experience
With consumers more reliant on and comfortable with digital environments and tools than ever, it’s high time that the hospitality industry fully embrace smart hotel technology to improve the guest experience from pre-arrival through post-checkout.Read More