Hospitality: Remove the Target on Your Back by Going Passwordless

11/20/2018

Hoteliers and restaurants handle a tremendous amount of consumer data to process payments, enrich the experience, and maintain competitive, differentiating rewards programs. Stored passwords and bankcard numbers make everything from reservations to paying a tab fast and simple.

There’s a symmetry between the modern experience of today’s bankcard transactions and the cash exchanges of yesterday. To be fair, yesterday’s establishments never kept a copy of every customer’s wallet to ease their dealings, but today’s merchant and customer settlement is hastened precisely because complete guest profiles are retained.

Transactions based on matching consumer data against a central store of all such data, prior to or at time of service, are smooth and convenient. But, is storing all of that sensitive data — breached time and again as we see — good for business? And is storing all of that data even necessary to deliver the same experience?

A growing group of financial services leaders, who were once just as accustomed to warehousing sensitive data, would say that the hospitality industry should rethink how it handles data. Banks, insurers, and payment networks are doing just that by declining to store login and payment credentials while continuing along the path to delivering a memorable experience across all channels.

We’ve been conditioned to counter that without today’s model of data storage and use, the experience would suffer, or that adding security must degrade the experience. Not so fast.

Remember that financial leaders rethinking ownership of some user data too are experience-obsessed and would never allow transaction speed or any form of customer satisfaction to take a backseat. Today’s authentication and payment authorization gaining traction in financial services actually reconciles the stalemate between security and usability. For hospitality executives ready to reimagine security and improve usability, here are a few points to consider:

Decentralization is the foundation of data security

Transferring ownership of login and payment credentials means storing that data on the commonplace mobile devices consumers already carry. Consumers and service providers then conduct business through public-key infrastructure (PKI). This means login credentials and bankcard numbers are encrypted and isolated in the most trusted area of a consumer’s smartphone, and at the time of service or payment the solution generates a token exchange between the two parties. No sensitive data is stored at the enterprise and none is transmitted over the internet, yet the same outcome results. The enterprise also maintains control over its authentication systems and policies, and, important in hospitality, it still has visibility into the other information about the user that comes from mobile app features. In fact, a solution that decentralizes credentials should offer the enterprise even greater control over its authentication systems, without displacing identity and other security solutions already in place.

Decentralization kills the password

We have today’s consumer-facing mobile device to thank for the technologies that make decentralization possible: the devices are Internet-connected and contain the hardware needed to store credentials safely. These same devices also have embedded sensors and capabilities (cameras, microphones, and other assets) that make asserting one’s identity fast, fun, and accurate. The combination of these advanced features (and only them) makes password elimination, defined as an end state of “no password”, finally possible. If, as consumers want, the credential is a biometric, and it is used in a way that makes it safe from both wholesale breach and targeted breach, there is no justification to maintain a centralized password scheme for login or payments.

Isn't fingerprint or face adoption already decentralized?

That end state of no password differs markedly from solutions such as Apple Touch ID, Face ID and their Android counterparts when they are layered atop legacy password systems in which passwords are centrally stored. These features are intended for convenience, such as device unlock and removing the poor experience of password-based authentication from the user interface. When a service integrates hardware sensors such as these into its mobile app, the user unlocks a key store and the app pastes in a password. The issue with these services is that the hotelier, restaurant, or third-party booking platform still has a central store of passwords. This keeps the enterprise vulnerable to credential reuse and phishing. An added benefit of removing the password from use (not merely from view) is that the alternative is a far superior credential: it cannot be carried by another person, it cannot be typed into phishing emails or sites, and it hastens transaction speeds, since it generally takes the form of a fingerprint scan, a selfie, etc., or a combination thereof.
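To make the contrast in the two sections above concrete, here is an added example (not from the article, nor the code of any FIDO server or vendor product) of the challenge/response pattern the decentralized model relies on: the enterprise stores only a public key, the device signs a fresh server challenge with a private key that never leaves it, and the server verifies the signature and consumes the challenge so it cannot be replayed. It assumes Ed25519 as the signature scheme and in-memory maps in place of a real user database; a real deployment would additionally bind the challenge to the app's origin and gate the private key behind the phone's biometric unlock.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
)

// Server keeps only public keys and outstanding one-time challenges: no
// password or private key ever sits on the enterprise side.
type Server struct {
	users      map[string]ed25519.PublicKey
	challenges map[string][]byte
}
func NewServer() *Server {
	return &Server{users: map[string]ed25519.PublicKey{}, challenges: map[string][]byte{}}
}
// Register stores the public half of the key pair the device generated.
func (s *Server) Register(user string, pub ed25519.PublicKey) { s.users[user] = pub }
// Challenge issues a fresh 32-byte nonce, valid for exactly one response.
func (s *Server) Challenge(user string) []byte {
	c := make([]byte, 32)
	if _, err := rand.Read(c); err != nil {
		panic(err) // CSPRNG failure is unrecoverable; acceptable in a constructed example
	}
	s.challenges[user] = c
	return c
}

// Verify accepts a login only if the signature covers the pending challenge,
// then consumes the challenge so a captured signature cannot be replayed.
func (s *Server) Verify(user string, challenge, sig []byte) bool {
	pub, known := s.users[user]
	pending, ok := s.challenges[user]
	if !known || !ok || !bytes.Equal(pending, challenge) {
		return false
	}
	delete(s.challenges, user)
	return ed25519.Verify(pub, challenge, sig)
}

// NewDevice generates the key pair on the device; the private key never leaves it
// (on a real phone it would sit in secure hardware behind a local biometric check).
func NewDevice() (ed25519.PrivateKey, ed25519.PublicKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return priv, pub
}
```

A breach of the server's user table yields only public keys, which cannot be replayed, reused on another site, or typed into a phishing page.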

Decentralization is deployable in days — and has been

The greatest hurdle to deploying password-less architecture in the hospitality sector is the decision over whether it should be part of an enterprise’s digital transformation. The other obstacles have long been overcome by a few key factors. Solutions that transfer ownership of credentials to consumers have already been deployed by Fortune 500 category leaders in banking, insurance, and payments. These solutions are based on open standards such as those of the FIDO Alliance, which have rigorous security, scalability, and interoperability benchmarks, are years into deployment, and have earned the support of FAMGA[1]. Decentralizing credentials and migrating to true password-less architecture is such a familiar undertaking for willing enterprises that the right solution provider building value atop standards such as FIDO can decentralize credentials in a matter of days. Nothing else stands, or should stand, in the way: teams can push updates into existing apps (or provide custom apps) and integrate a FIDO certified server, complete with a FIDO admin panel, to orchestrate and simplify backend capabilities. Deployment does not, as many believe (even assert), require solutions built upon protocols such as blockchain or multiparty computation (MPC), whose application to authentication and payments is neither properly tested nor purpose-built.

Hoteliers and restaurants could, and should, provide the same goods, services, and experiences without trading in data whose presence on enterprise systems creates a target for hackers who trade in that same data. The hospitality sector can take a cue from its financial counterparts, which face similar risks from high volumes of data and high velocities of transactions. The first step towards it is little more than an evolution of thinking. The increasing number of large-scale deployments in financial services, together with the digitalization and mobility of all online services, puts similar innovation in hospitality as near as adoption by the first few large hospitality giants.
