Hotels are prime targets for hackers.
Hotels are prime targets for hackers, not only do they possess credit card details but also an overload of guest data, including emails, passport details, home addresses and more.
As a quick recap, on the 30th of November 2018, Marriott International announced, they had experienced a massive security breach at Starwood branded properties from 2014 to September 10, 2018. 500 million customers were involved in the breach, with credit card information, passport details and mailing addresses compromised.
“Whilst the Marriott breach was the largest ever recorded, if you confine comparisons of the top 20 largest hotel chains worldwide, with the airline, cruise line and car rental chains worldwide, it is clear that hotels have allowed themselves to be vulnerable to far more breaches” – Skift, 2018
The penalties for lax security measures surrounding sensitive information are two-fold.
Firstly, the financial impact can be a fine of up to 4% of global turnover or €20 million, whichever is higher. Security experts think it is highly likely Marriott will be faced with a considerable bill.
Secondly, there is the risk of reputational damage, which is much greater thanks to social media and the speed at which negative comments can be shared. It is impossible to put a precise number on the financial implications a loss of reputation can cause. However, when a company’s bottom line is linked to its reputation, it is fundamentally important to protect your brand name. The Marriott International hack, although the largest on record, is by no means a new occurrence within the hospitality industry. In 2017, Hilton Worldwide agreed to pay a $700,000 fine after data security failures exposed more than 350,000 credit card numbers in two breaches during 2015. Trump Hotels, Starwood, Mandarin Oriental, Kimpton, IHG and Millennium Hotels and Hotels have all experienced data security breaches over the past 5 years.
It does not stop there, smaller hotels are a target too, according to the Verizon report published in 2018, 86% of the accommodation-industry breaches occurred at small businesses. Bob Russo, GM of the PCI Security Standards Council, said in recent years the hotel industry has been particularly vulnerable to cyber attacks. All evidence points to the importance of security and the need for active efforts to ensure the protection of guest data and credit card information.
In the effort to reduce the risk of similar hacker attacks occurring in the future, conichi decided it was time to find an innovative solution designed to increase data security in the hotel industry – and that’s how the concept of Smarthotel came into existence.
How to make your hotel more secure?
Innovative companies in the hotel industry, such as conichi, are aware of this risk, as are travelers and corporate travel managers. Therefore, conichi has built a technology with this information in mind, and has chosen their data storage and payment provider with the utmost care.
For instance, their data storage provider, AWS (Amazon Web Services) – a managed cloud platform, received ‘best in class’ and ‘best of breed’. In operational terms, Smarthotels never receive unencrypted credit card details, yet the staff is able to trigger payments via the hotelier app that conichi has developed, thus ensuring sensitive data protection and fraud prevention.
In order to ensure the highest protection, payment providers need to be PCI DSS (Payment Card Industry Data Security Standard) certified and require FCA-approved status. This means that all guests using conichi’s Smarthotel solution pay via a service that is certified with the highest security standards available, ensuring that the sensitive data of your hotel and clients are secure.