\r\n \r\nAs the restaurant industry, and U.S. merchants at large, take a wait-and-see approach, HT measures the industry's current and planned payment security practices in its 2014 Restaurant Technology Study. \r\n \r\nThe food service industry, with its fragmented technology, has historically been a target for card data theft. The sunset for swipe cards will be a welcome improvement. EMV preparedness is on restaurants’ radar, with 70% of those surveyed agreeing that it is important to have a well-defined roadmap for EMV preparedness. When asked about their organization’s current approach to preparing, however, just 26% report having some form of road-map in place; likely due to the lack of a standard. An additional 37% will make this a priority in the year ahead. With debate ongoing at the top, merchants remain in a holding pattern. \r\n \r\nWhat's more, confusion with the current PCI DSS remains, with 86% reporting that their organizations are \"in compliance\" but far fewer are able to identify compliance with some of the 12 specific requirements. For example, only 72% report that their organization maintains a policy that addresses information security for employees and contractors (item 12 of the PCI DSS). \r\n \r\n \r\nWith payment security an ongoing process and a moving target, restaurants are leveraging third parties for assistance. More than half of those surveyed outsource their PCI compliance efforts (54%), and nearly as many (52%) have purchased some form of breach protection or insurance. \r\n \r\nRespondents were further asked about their organizations’ use of tokenization and point-to-point encryption (P2PE). Though not a requirement of PCI DSS, these technologies can reduce scope by shrinking the footprint where cardholder data is located throughout the organization. Approximately 43% use P2PE and 33% plan to add the technology by 2016. Tokenization is used by 36%, and an additional 30% have future implementation plans. \r\n \r\nDownload the full 2014 Restaurant Technology Study. \r\n \r\n"}]}};
const country = "US";
const language = "en-US,en;q=0.5";
const SITE_LANGUAGE = "en";
const siteName = "Hospitality Technology";
const userRoles = ["anonymous"];
const userUid = 0;
const indexName = "HT";
window.dataLayer = window.dataLayer || [];
const data = {};
data.entityTaxonomy = {};
const contentTypes = [
"article",
"blog",
"bulletin",
"embed_page",
"landing_page",
"event",
"image",
"page",
"product",
"whitepaper",
"video",
"tags",
];
if (
routeInfo &&
"bundle" in routeInfo &&
contentTypes.includes(routeInfo["bundle"])
) {
data.entityBundle = routeInfo.bundle;
data.entityTitle = `${routeInfo.title} | ${siteName}`;
data.entityId = routeInfo.id;
data.entityName = routeInfo.author?.uname;
data.entityCreated = routeInfo.created;
data.sponsored = routeInfo.sponsored;
data.sponsor = routeInfo.sponsoringCompany;
data.entityType = "node";
data.entityLangcode = SITE_LANGUAGE;
data.siteName = siteName;
data.drupalLanguage = language;
data.drupalCountry = country;
data.userRoles = userRoles;
data.userUid = userUid;
data.entityTaxonomyKeys = {};
data.entityTaxonomyHierarchies = {};
data.parentNaicsCode = {};
data.isPro = false;
data.algoliaIndexName = indexName;
// Add toxonomy data
const taxonomies = {
businessTopic: "business_topic",
contentType: "content_type",
company: "company",
marketSegment: "market_segment",
};
const getHierarchy = (term, terms = []) => {
terms.push({ id: term.id, name: term.name });
if (term.parentTerm != null) {
getHierarchy(term.parentTerm, terms);
}
return terms;
};
const getTerms = (term, useApiId = false) => {
return { id: useApiId ? term.apiId : term.id, name: term.name };
};
const getKeys = (term) => {
return { id: term.id, name: term.apiId };
};
Object.entries(taxonomies).forEach(([key, item]) => {
terms = routeInfo[key];
if (terms && terms.length > 0) {
data["entityTaxonomy"][item] = terms.map((term) =>
getTerms(term, key === "company")
);
if (key !== "company") {
data["entityTaxonomyKeys"][item] = terms.map(getKeys);
termGroups = [];
terms.forEach((term, termInd) => {
termGroups[termInd] = getHierarchy(term);
});
data["entityTaxonomyHierarchies"][item] = termGroups;
}
}
});
data["entityTaxonomy"]["tags"] = routeInfo["topics"] || [];
// Primary Topic is either the business topic or the top tag.
if (routeInfo["businessTopic"]?.length > 0) {
data["entityPrimaryTopic"] = routeInfo["businessTopic"][0]["name"];
} else {
if (routeInfo["topics"]?.length > 0) {
data["entityPrimaryTopic"] = routeInfo["topics"][0]["name"];
}
}
// Primary and secondary entityNaicsCodes come from the MarketSegment
if (routeInfo.marketSegment?.length > 0) {
data.entityNaicsCode = {};
data["entityNaicsCode"]["id"] = routeInfo["marketSegment"][0]["id"];
data["entityNaicsCode"]["name"] =
routeInfo["marketSegment"][0]["naicsCode"];
if (routeInfo["marketSegment"][0]["parentTerm"] != null) {
data["parentNaicsCode"]["id"] =
routeInfo["marketSegment"][0]["parentTerm"]["id"];
data["parentNaicsCode"]["name"] =
routeInfo["marketSegment"][0]["parentTerm"]["naicsCode"];
}
} else {
data.entityNaicsCode = [];
}
if (routeInfo.taggedPro) {
data.isPro = routeInfo.taggedPro;
}
window.dataLayer.push(data);
} else if (routeInfo && "vid" in routeInfo) {
data.entityBundle = "tags";
data.entityTitle = routeInfo.name;
data.entityId = routeInfo.id;
data.entityName = routeInfo.author?.uname;
data.entityCreated = routeInfo.created;
data.entityType = "taxonomy_term";
data.entityLangcode = SITE_LANGUAGE;
data.siteName = siteName;
data.sponsored = routeInfo.sponsored;
data.sponsor = routeInfo.sponsoringCompany;
data.drupalLanguage = language;
data.drupalCountry = country;
data.userRoles = userRoles;
data.userUid = userUid;
data.algoliaIndexName = indexName;
data["entityTaxonomy"]["tags"] = {
id: routeInfo["id"],
name: routeInfo["name"],
};
window.dataLayer.push(data);
}
})();
How Prepared is Restaurant Industry for end of Swipe & Sign?
How Prepared is Restaurant Industry for end of Swipe & Sign?
7/8/2014
The U.S. payment industry is in a period of transition. October 2015 will mark the end of swipe-and-sign. While card brands are committed to swapping mag-strip for EMV chip-based cards, the standard for authentication remains under debate: signature capture or PIN. While PIN authentication is considered the more secure option, there’s concern that Americans, who tend to have a variety of credit cards, would struggle to manage multiple PINs.
As the restaurant industry, and U.S. merchants at large, take a wait-and-see approach, HT measures the industry's current and planned payment security practices in its 2014 Restaurant Technology Study.
The food service industry, with its fragmented technology, has historically been a target for card data theft. The sunset for swipe cards will be a welcome improvement. EMV preparedness is on restaurants’ radar, with 70% of those surveyed agreeing that it is important to have a well-defined roadmap for EMV preparedness. When asked about their organization’s current approach to preparing, however, just 26% report having some form of road-map in place; likely due to the lack of a standard. An additional 37% will make this a priority in the year ahead. With debate ongoing at the top, merchants remain in a holding pattern.
What's more, confusion with the current PCI DSS remains, with 86% reporting that their organizations are "in compliance" but far fewer are able to identify compliance with some of the 12 specific requirements. For example, only 72% report that their organization maintains a policy that addresses information security for employees and contractors (item 12 of the PCI DSS).
With payment security an ongoing process and a moving target, restaurants are leveraging third parties for assistance. More than half of those surveyed outsource their PCI compliance efforts (54%), and nearly as many (52%) have purchased some form of breach protection or insurance.
Respondents were further asked about their organizations’ use of tokenization and point-to-point encryption (P2PE). Though not a requirement of PCI DSS, these technologies can reduce scope by shrinking the footprint where cardholder data is located throughout the organization. Approximately 43% use P2PE and 33% plan to add the technology by 2016. Tokenization is used by 36%, and an additional 30% have future implementation plans.