Tech Talk

Recent posts

Time is limited. Once it’s gone, you can’t gain it back. Similarly, once a room goes unsold for a night, it will go unsold forever. There’s no way to recover that loss, because there’s no way to go back in time.
 
Many hotels fight this limitation by trying to sell as many rooms as possible. If all the rooms are completely booked, time no longer becomes a factor. But most don’t have the luxury of being at-capacity every single night. That’s why last-minute booking apps are growing in popularity in the industry, where hotels can make the most of each day. These apps specifically target guests who don’t plan far in advance, seeking accommodations from one week to one minute later.
 
There are several different ways your hotel can benefit from using last-minute booking apps in your business strategy.

IoT is Coming, Jon Snow…
Posted: 05/21/2019

Hospitality is prime for the coming advent of the various devices that make up the Internet of Things. Estimates show the industry now represents 17.5 million rooms worldwide and savvy guests are demanding more personalization and an overall improved guest experience along their connected travel journey and belief is that IoT can bring this to reality. 

The forces driving local search rankings are constantly changing. But recent studies suggest that in 2019, four key factors make up the local search algorithm. 
 
The most significant factor is Google My Business (GMB). If you’re not on it, get on it now.

The robotic revolution in the hospitality industry might seem to have taken a step back. This January, the famously quirky Henn-Na Hotel in Japan fired half of its 243 robot staff. The robotic workforce reportedly irritated guests and frequently broke down.

Think about the moment when you first enter your hotel room. Look around: Does the room tell you anything unique about the hotel where you are staying? Or is it all beige walls and double beds with white covers, and you have to walk back outside and look at the sign on the hotel’s facade to even remember where you are?



want to read more articles like this?

want to read more articles like this?

Sign up to receive our twice-a-month Watercooler and Siegel Sez Newsletters and never miss another article or news story.

x
 

The Hospitality Industry's Cybersecurity Problem: Making Your Hotel Undesirable for Hackers

10/19/2016

It’s no secret that the hospitality industry has a serious cybersecurity problem. In the past few months alone, there have been dozens of hotel data breaches reported. Hotels and resorts have long been a hot target for criminals, and that trend shows no signs of slowing down anytime soon.

Hospitality payment security is hard to implement successfully and requires a specialized knowledge and approach. Why? Let’s look at an example.

Hotels have to store guest records from reservation to check out. Some of my clients on the Vegas Strip book rooms a year or more in advance for events like New Year’s Eve. That’s an awfully long time to store card data, especially because the bad guys know it’s there and actively go after it. Unfortunately, it only gets more complex from there. Think about the potential sources of payment data in a large resort. There are folios and cards on file, electronic third-party reservations that contain card data in clear text, faxes and emails with card numbers sent to the banquet and events team, a concierge using the guests’ card to buy concert tickets, and potentially hundreds of swipe devices (or, these days, maybe EMV devices) capturing card data at the front desk, restaurants, gift shops, spas and who knows where else.

EMV’s ROLE IN IT ALL

Securing an environment like this is a Herculean undertaking, and one that many of you are taking positive strives toward. Undoubtedly, you’re all considering – if not actively working toward – implementing EMV. A few of you already have it up and running, although Mastercard’s most recent data shows that only about a third of U.S. merchants can actually process chip-based transactions, and based on my experience, that number is likely much lower in hospitality. 

Let’s talk about EMV for a moment. Do you know what it does? If your answer was anything about preventing breaches, you are misinformed. EMV was designed to prevent card-present fraud. Specifically, to make it much harder (if not impossible) for thieves to encrypt the card data they had previously stolen onto a new card in order to make illegitimate purchases.

STOPPING THE TIDE OF BREACHES

To avoid becoming a victim of a payment data breach,
remove the card data from your environment
and leave nothing for the hackers to steal.
 
So if EMV protects us from thieves trying to use card data they’ve harvested in previous breaches, what protects us from becoming the source of the next breach?

The easiest way, in my experience, to avoid becoming victim to a payment data breach is to remove the card data from your environment and leave nothing for the hackers to steal. We do this through a combination of tokenization, which replaces the card data you used to store in folios and card-on-file databases with a meaningless value that only references the original data, and point-to-point encryption (P2PE), which encrypts the card data at the moment it enters the credit card terminal and prevents the actual data from ever getting into your point of sale or property management system. With these two tools, properly employed, hoteliers can eliminate the vast majority of their breach profile and make themselves much less desirable targets for thieves.

The remainder of the card data from things like websites, online and call-center reservations, catering faxes or concierge phone calls, can likewise be eliminated with the use of specialized tools that leverage P2PE and/or tokenization to leave a hotel completely free of sensitive cardholder data. This should be your goal. Imagine the resources you could reallocate to growing your business, wowing your guests, and coming up with the next differentiator to set you apart from your competition, if you didn’t have to invest in securing and maintaining all of this data.

With P2PE and tokenization as your secure foundation, you are free to implement new technologies like mobile payments by the pool, app-based payments to order room service from your phone, or whatever comes next – without putting your guests and your brand at risk.

A FINAL WARNING

EMV has been a tall order for the hospitality industry. New terminals come at a considerable cost and new business processes are difficult to implement. And the whole thing has come with relatively little measurable benefit to hoteliers. With the increase in friendly fraud, hotels are now seeing financial reasons to adopt EMV. As you do, please take the time to find a solution that integrates with all point-of-sale and property management systems that are at use in your environment. Moving to a non-integrated solution is asking for increased fraud and complaints from your accounting team as you drastically increase their workload.

Also, if you’re making the capital investment into new EMV terminals, ensure that they support P2PE so that you are enhancing your security capabilities as you take steps to fight fraud. Together, EMV, tokenization, and P2PE form the foundation that will protect you today and for years to come.

About The Author
J.D. Oder
CTO and SVP of Research and Development
Shift4 Corporation


J.D. Oder II serves as Shift4’s CTO and SVP of research and development. J.D. is a certified network engineer with more than 15 years of experience. He leads Shift4’s systems operations and development efforts as well as the security and compliance teams. J.D. is the architect of the DOLLARS ON THE NET® payment gateway solution. He is credited with introducing tokenization to the industry in 2005 and was also an early adopter/member of the PCI Security Standards Council.

 
Comments
Blog post currently doesn't have any comments.
Leave comment



 Security code