Making sure cardholder data is handled securely should be the No. 1 priority of all operators, regardless of size or number of facilities. In fact, all merchants now face audits to ensure data is being handled securely. There are two separate but equally important practices for ensuring card data security:
1 Point-to-point (P2PE) data encryption, which ensures that sensitive cardholder information is protected throughout the transaction cycle, from the time of swipe through authorization and completion. End-to-end encryption ensures that data cannot be accessed or hacked, reducing your compliance scope at the same time it protects your guests against third-party fraud. With the recent evolution of PCI requirements, most PCI QSAs (Qualified Security Assessors) will not approve an enterprise implementation that does not secure cardholder data. Therefore, point-to-point encryption has quickly become a basic step in PCI-DSS compliance.
A routine step toward ensuring total PCI-DSS compliance is to ensure that all point-to-point encryption is implemented on PCI-PTS certified hardware.
2 EMV-compliant smartcard authentication at the point of sale, which uses an embedded “chip,” a small microprocessor, to validate that the payment card is original and genuine – that has not been cloned or duplicated. This chip actually protects against cloning by generating unique data with every use, unlike the magnetic stripe (MSR) cards most prevalent in the United States today, which use static, easily reproducible data.
Confused? The evolution of PCI Standards as well as the introduction of EMV into the United States can cause some confusion about whether support for both are needed and where one initiative ends and the other begins.
Accessibility: Consumers expectations have already evolved
Your guests are more “connected” now than they have ever been. The number of smartphone users in the United States is projected to grow from 62.6 million users in 2010 to 220+ million users by 2018. Already, the number has grown to 163.9 million in 20141. On those smartphones, they carry a wealth of apps for navigating, buying, booking, communicating, exploring, social media sharing, payment, and more. They have no patience for waiting in line or following drawn-out procedures. Why, they ask, isn’t checking in as quick and easy as making an online reservation? Now more than ever, guests expect service where they are, when they’re ready. New technologies are expanding the point of service to enable the kind of streamlined, personalized experience your guests anticipate and appreciate.
For example, tablet-based devices can allow remote check-in, at the lobby door or hotel bar, on the airport shuttle, at the guestroom door. These devices also can program and generate RFID room keys, allowing guests to go directly to their room upon arrival and equipping staff to replace lost keys anywhere on property.
Mobile payment technologies give guests the option to make secure electronic payment from virtually anywhere – on the golf course, poolside, at the spa, even at cash-bar events. The result is better customer service, often coupled with increased per-transaction spend.
Using new technologies such as Bluetooth Low Energy (BLE) and geo-location, guests can take advantage of their own “wireless personal area” to receive discounts, coupons and other personalized offers based on their current location and unique interests. These sophisticated systems also allow operators to extend the reach of their property management systems (PMS) and customer relationship management (CRM) systems to tablet- and smartphone-based devices, which allows the creation of highly customized guest services.
The good news is, these evolving solutions are all designed to be highly customer-centric, not only to speed and secure transactions but also to enhance the overall guest experience. This high-tech, high-touch approach enables seamless transactions regardless of location, personalized service, and a consistent presentation of a strong brand image. The challenge is that upgrading legacy systems can be time consuming and expensive.
All in all, these new technologies offer huge improvements for hospitality providers and guests and present big obstacles to fraudsters and hackers. So ask yourself, why not embrace the change?
Greg Burch is vice president of Mobility, Business Development & ISV Relationships at Ingenico, a leading provider of secure and innovative payment solutions with point-of-sale (POS) products and offerings used by one-third of the global population.
©2014 Hospitality Upgrade
This work may not be reprinted, redistributed or repurposed without written consent.
For permission requests, call 678.802.5302 or email info@hospitalityupgrade.com.