5 Ways Hotels Can Protect Travelers Against Financial Loss

As the world continues to digitize, cybersecurity risks surround us. Implementing essential security measures and protecting against payments fraud are table stakes, especially for businesses with an e-commerce channel. The hospitality industry – a market valued at $235.96 billion and expected to grow to $299.29 billion by 2029 – is no stranger to these risks. When industry reputation and guest satisfaction are paramount, hoteliers risk not only financial loss, but also reputational risk if their business is not properly protected. 

Advanced security needs must also be balanced with today’s guest expectations. Travelers expect a seamless, secure and consistent user experience at all stages of travel – from browsing the website, to confirming reservations, to making in-room purchases. But with an increase in online bookings and guest data storage needs, hoteliers must be thoughtful about how technology and people can work together to deliver a convenient and safe checkout experience. To improve data security and ensure a safer future for transactions and communications, here are five must-haves for hoteliers:

• Secure payment processing: Providing a bank-issued debit or credit card at check-in is a standard industry practice to cover any incidental or possible damages. Guests must trust hotels are using a secure payment processor to protect card payment information. Whether using a point-of-sale system for the front desk, an online payment gateway for the website or a mobile card reader for on-the-go app transactions, payments processors should include technology to tokenize the transaction. This means guests’ payment data – such as their credit card number – will be encrypted during transmission and storage.
• Identity verification technology: While 92% of U.S. businesses recognize the need for online customer identification strategies, an alarming 70% have observed climbing fraud losses in recent years. And as cybercriminals become more sophisticated, hoteliers must feel confident their guests are indeed who they claim to be. Hoteliers can leverage a third-party technology vendor, such as Everyware, to review a prospective guest’s name, address, and mobile phone information against the U.S. Census and Credit Bureau dataset in real-time. For an additional layer of security, identity verification can be paired with biometric authentication. 
• Network messaging compliance: For hoteliers who rely on application-to-person (A2P) messaging, 10DLC compliance is a must. The introduction of 10DLC compliance by mobile carriers in the US helps regulate delivery of unwanted, inappropriate or fraudulent messages to consumers. For travelers engaging with a company via mobile, such as for reservation reminders, invoicing or check-out instructions, compliance offers reduced spam and enhanced end-user security. Even more, registered businesses are awarded higher message throughput because their messages are considered trustworthy and secure.
  
• Security audits and regular updates to software: While this may seem like an obvious consideration, many hoteliers are not equipped with the appropriate tools to detect or respond to cybersecurity threats. In 2020, 58% of hotel IT managers admitted that they had no advanced technology to monitor their systems and identify potential breaches. Without technology in place, such as antivirus software and firewalls, sensitive guest information could be compromised. 
• Information sharing as a best practice: In addition to staff training to articulate the importance of data privacy and how to handle guests' personal information, hoteliers should also collaborate with franchises in other markets and government agencies to report any suspicious activity. This information sharing is especially important for international hotel chains, which process a huge volume of transactions and run valuable loyalty programs that require personal data collection.

While the hospitality industry can bring so much joy and excitement to travelers, fraud attempts or financial losses can ruin a vacation. To maintain (and improve!) industry reputation and guest satisfaction, hoteliers must protect guest payment information through secure payment processing and incorporate identity verification solutions into their tech stack. To ensure all back-office data storage is protected and a company is compliant with customer engagement tools – such as mobile communications – regularly scheduled security audits should take place. These best practices, and any found risks, should also be discussed with franchisees as well as government agencies to limit further cyber destruction. Hoteliers can enjoy the peace of mind that comes from advanced security measures, minimizing risks and streamlining transactions – all while delivering an exceptional hotel guest experience.

About the Author

With the birth of Everyware in 2015, Austin Talley is and has always been the mastermind behind certifying the mobile number as a form of payment. Everyware is a customer engagement, billing, and payments company based in Austin, Texas. Launched in 2015, the company provides services to more than 9,000 merchants across multiple verticals including healthcare, travel, utilities, not-for-profit, and automotive. The platform provides an easy, fast, and secure way to move money while enhancing the ability for merchants to communicate with customers in real-time with text messaging. It saves them money by improving cash flow and reducing paper billing costs, chargebacks, and fraud. Additionally, Everyware works alongside existing systems for easy integration.