Group items tagged

This article deals with the theft that happens on a daily basis in the hospitality field. It happens when credit cards are used to pay for something, like a reservation, and thieves want the information, so they can use your credit card number for whatever intentions they may have. As the article states, "our data is under attack". I can relate to those people that have had credit card numbers stolen, because it has happened to my husband and me, and it is a horrible feeling trying to get your life back on track and recover your money.  I think it would be a great idea, with some research, to get the point to point encryption technology in a field where credit cards are used so often, not only to cover the business (hotel), but also to protect the guest, so they feel at easy when they travel on vacation or business.  The overall point of this technology is to encrypt the information as close to the point of entry, i.e. the swiping of the credit card, as possible. This would in turn "significantly reduce a merchant's card data environment", as the program would encrypt the information so that hackers cannot access the customer's information. As I mentioned earlier, questions should be asked before buying this technology, as there is always something new on the market that may be better. Credit cards are not always swiped, but can also be manually placed in the system, so you want to make sure, that both transactions are protected. Overall, the establishment should always be concerned about the customer and their safety, whether physical or mental and always be prepared for the worse.

Great article! Personally after being a victim of credit card fraud, I'm very apprehensive of where I shop, who handles my card and how long it takes them to return it. I recently cancelled a large purchased after the cashier insisted on rubbing my card number on the reciept after the transactions had be approved. In my mind, I was thinking "If I let you do that, then I've open the door for anyone to charge thousand of dollars. I don't think so." As a manager, who hands credit card numbers for manual input, I'm very cautious of them and want to insure that they don't get into the wrong hand. Aftern each transactions is approved, that number is shredded and the credit card machine is batched out. Companies don't realize how important it is to PCI compliant. The risk in exposing sensitive information of our clients and customers can cost thousand of dolllars in fines and fee, in addition to the lost of that customer/client.

Marilyn, Great Article...as a Front Desk Manager, it is my responsibility to randomly check our computers to ensure employees are not placing USB driver to collect data from our system. Our company has taking this a step further by putting metal locked case around the PC to avoid possible fraudulent activity. If we have to open a PC, we must log it to show proof why a PC became unlock. Companies should adopt similar procedures to protect the consumers/guests. Nelson

Statistics on credit card fraud to support why PCI compliance is important to protect consumers

This article report that sensitive data such as credit card information can be easily received through hotel wireless networks by cybercriminals due to the poor protection network. With the information, cybercriminals can make clone credit cards, which are indistinguishable from the real one and difficult to be traced. What worse is it takes months for hotels, customer and credit card companies to find out this criminal activity. Although hotels have began to step up security, this article notice that customers, especially those travel a lot, need to pay attention to their bank statement since the trend of hacker attacks didn't go down.

With smartphones evlving and getting smarter, smaller and speedier it is allowing for advances in mobile point-of-sale technology especially in the restaurant industr. There are now numerous POS platforms that support both iPhone as well as android. Tablets and iPads are also supported so that restaurants can process payments in the field with a credit card reader. Traditionally POS have been very costly and structured; now with mobile technology the flexibility is convenient, fast and user friendly. New applications allow restaurants to store customer spending patterns without retaining their personal credit card information. the use of smartphones also opens up very exciting opportunities when it comes to business-consumer communication. Restaurants can send text messages containg discounted coupons to their establishments. The key is to not over do it as customers may become annoyed with too many text messages. This article delat mainly with the restaurant industry but did mention the evolution of technological advances with the use of smart phones. Form personal experience I have used my iphone and ipad to conduct credit card transactions utilzing squareD which provides free of charge a mobile credit card swiper that is connected to the microphone port of either the iphone or Ipad. there is not monthly contract or fee. The only charge is 2.5% per settled credit card transaction and the amount is automatically deducted from the batched amount and within 1-2 business days the funds are deposited directly into ones checking/savings account. This is convenient, fast, and easy. I have been able to secure payment right on the spot instead of either handling cash which is always a ahzard or the risk of accepting checks. the use of smartphones and tbalets have revolutionozed the way business is being conducted making it fast, easy, and convenient to both cutomer and busoness owner alike.

"You're probably already practicing basic online and mobile safety, but consider taking these credit card-specific measures as well: Know your merchant. When shopping online, look for sites with "https" in their web addresses (the "s" stands for "secured") and the green lock icon; make sure the URL includes the correct company's name, rather than a close-but-not-correct version; and, even on a secured site, share your information only if you know how it will be used. Type for each transaction. Never allow your credit card number to be stored on an online shopping site. Add a layer. Consider using an online payment system or mobile payment service like PayPal, Apple Pay, Samsung Pay or Android Pay to keep your credit card number out of the hands of merchants, so that if a merchant is hacked, it can't leak your account number. Watch out for public Wi-Fi. Don't shop or conduct financial transactions, including checking your accounts, using public Wi-Fi. Because it's a public network, your information can easily be viewed by anyone."

An unssuspecting person check into a hotel like any normal person would. The ever so common exchange, credit card for room key took place. The only difference was that the person that checked had done so with other intentions. The "guest" utilized an IP Telephone that was in this hotel room to hack into the hotel credit card database and steal credit cards, transmit them to a foreign country and then have money transferred to his offshore bank account. This happened but at the hands of Jason Ostrom, aa Vigilar senior security consultant. Ostrom was able to unplug teh telephone in his room, plug in the phone's ethernet canle into his laptop and hack away. Of course, he did this as part of his job in testing a company's security agaisnt viral hackers. His company offers free security testing using a downloadable software called VolP Hopper This article was extremely interesting because as a frequrnt traveler as well as a perosn in the hospitlaity industry I was very shocked at the ease that the credit card information could be stolen. When it comes to credit card security it is of the utmost importance for companies to be PCI compliant and spend whatever it is necessary to safeguard the information of their customers. The detrimental damage that a security breach can have on a person can be debilitating as leaders in the hospitality industry we must do everything possible to prevent attacks like this from happening. made me become extra cautious about using my credit cards.

The article mainly talks about how to use your credit card safely when you do shopping or other consumption. At first, only tell it to those who really need to know and don't say it or lay it where others can find it out. Before entering your credit card number into any website or giving it to anyone over the phone, make sure you know exactly who you're dealing with and that their reasons for needing your credit card number are legitimate. Then, lock it up. Only carry the credit cards that you absolutely need and keep your other credit cards locked up in a personal safe. Three, each month when your credit card statement comes in, don't automatically assume everything on it is accurate. Read every line item on your credit card statement and make sure each and every charge is legitimate. Fourth, be careful with your email. It means that If you have a street-side mailbox, don't leave your credit card payments in there for the postal carrier to pick up and make sure you pick up your mail each and every day. At last, gets credit card monitoring service. If you can follow the tips above, you will use your card safely.

Travelers who checked in to the Westin Bonaventure Hotel & Suites in Los Angeles between April and December last year are being advised to review their credit card statements and credit reports this week after hotel officials warned of yet another security breach.

The Westin Bonaventure Hotel and Suites in Los Angeles had a security breach where their point of sale system for processing debit and  credit card transactions have been hacked. Data such as guests name, cedit and debit numbers and expiration date were jeopardized. Hackers had not been able to access information from the Hotel's computer system and neither did they affect guest room charges. The Director, Michael Czarcinski apologized and offered free credit monitoring services for those who used their cards during that nine month period.

I was listening to the news over the week end and was intrigued about a story on a new smart card that would one day take the place of all of our credit cards. My mind started reeling and could not grasp the concept especially with technology and hackers in the forefront of any credit card online usage. I read this article several times and it helped me understand the simplicity of this card and also the fact that your credit/debit account numbers are not stored on the card just a chip then the consumer either uses a PIN number or signature as authorization for payment. Fingerprint technology will be added in the future, which will bring about an evolution into the use of the Smart Card.

This article highlights several important security issues in the hospitality industry, followed by the practice of protecting data from loss. The data structure of the hotel industry is complex, customers mainly use bank cards to pay, and the staff turnover rate is high. There are certain internal threats. In order to solve these problems and avoid data loss, it is not enough to strengthen network security. It is also important that employees are trained and familiar with and comply with relevant regulations.

Hospitality offers an ideal target vector for conducting Cyber crimes such as identity theft and credit card fraud due to the existence of multiple databases and devices containing both Payment Card Information (PCI) and Personally Identifiable Information (PII). Restaurants, hotels, and other companies in the hospitality sector often have complex ownership structures with an individual owner or group of owners, and a management company that acts as the operator. Each of these groups may use different computer systems to store information, and the information can also frequently move across those systems.

In this article, we learn about the top five data security risks as well as best practices to help prevent data breaches. According to the article, the hospitality industry is a prime target since it stores a vast amount of sensitive guest information like names, phone numbers, addresses, and credit card numbers. Some of the five risks included complex ownership structures, reliance on paying by card, and insider threats to name a few. In order to avoid these threats, the article suggest that companies become PCI compliant, use cybersecurity measures like firewalls, and know where exactly their data is stored.

In recent news, Arby's acknowledge a data breach within its restaurants. "Arby's said the breach involved malware placed on payment systems inside Arby's corporate stores, and that Arby's franchised restaurant locations were not impacted." Once figured out the company hired security experts to solve the problem. The initial sign of breach came from a service organization that serves more than 800 credit unions called PSCU. An alert was sent to all cardholders that a fast food chain had been compromised, but no specifics were mentioned. This article points out that, "point of sale malware has driven most of the major retail industry credit card breaches over the past two years." Monitoring your credit/debit card transactions is the best way to be safe in this situation- as long as you report the fraudulent charges you aren't liable. While IT has many positives for any organization, it's not risk adverse. Once a system is hacked all information of company and past users is up for grabs, and credit card companies are forced to take the blow.

1. IT The hot-button issue within the realm of hotel-information technology is mobile and cloud technology.A company could have tens of thousands of smartphones or laptops in the field at any given point-each a potential gateway to hackers and other criminals. To the problem the core principle is to provide end-to-end data protection with looking at cost and benefit and how it's supports the business. 2. Terrorism Ironically, one of the main reasons terrorism tops the list is because it has become less of an issue in recent years.Hoteliers need to keep their staffs and travelers mindful of possible threats, but they don't want to scare them. 3. Skimmers A related threat is that of "skimmers," or devices that catch credit card numbers when consumers use them for payment.The best prevention measure is to have an investigative team or third party on hand and making that known to employees. 4. Liability and insurance fraud These two related issues can double, triple, quadruple and quintuple corporate insurance premiums in the blink of an eye. The advisement is hoteliers to educate themselves on the issue, consulting with an attorney, if necessary. 5. Security as taboo "Security" still is something of a taboo in the global hotel industry.Hoteliers need to do a better job of "turning on the light" by talking about security openly and regularly at staff and association meetings, and hotel executives should insist their GMs make security a priority

1. ITAccording to the article, most mobile devices that are used for business are unprotected. Meaning that the devices if the device even have a password and if it does the password is not very complex. There could be thousands of employees accessing company information via the cloud through unprotected smart phones or other mobile devices. This could organizations at risk to hackers and other criminals  2.  TerrorismAlthough terrorist threats are less of a concern nowadays, that does not mean hotel managers should discontinue stressing the importance of security within their establishments. Keeping employees aware and diligent can prove to be a delicate assignment but it is a necessary of part of maintaining a safe work environment in the twenty-first century. 3.  SkimmersSkimmers are devices that steal credit card numbers when consumers use them for payment. Unfortunately, it is most commonly an employee on the inside who is committing the crime.  A third party investigation team will be needed to prove who is stealing from the establishment.  4. Liability and Insurance FraudCombined, these two issues could sky rocket a company's insurance costs through the roof. It is crucial that hoteliers be aware of the legal system and educates themselves on issues concerning liability. Both patrons and employees alike could potentially file claims against an establishment and entitlements can quickly get out of hand.    5.  SecurityDespite the best security measures, there is always the possibility of unforeseen danger. This fear of the unknown is a concern for hotel workers. To confront this fear of the unknown managers must regularly and openly discuss security with employees.  Security should be held as a top priority. 

This article discusses five main concerns brought on by the current state of hotel security. I must say that some of this information surprised me. Something that especially surprised me was learning that mobile devices that are used for business hardly use passwords. The article states, "Amplifying the problem is the sheer number of devices, he added. A company could have tens of thousands of smartphones or laptops in the field at any given point-each a potential gateway to hackers and other criminals." This piece of information is very unsettling to me. How could such valuable information not be protected? The article suggests the solution to this problem is PCI DSS. Terrorism as number two on this list also surprised me because that is not something that would first come to mind for me. The article states that it is ironically on the list for becoming less of an issue. I suppose this reminds hoteliers to never let their guard down when it comes to issues of safety and security within the hotel. However, "skimmers" and liability on this list does not really surprise me. The article suggests that hoteliers be educated about these issues to protect the hotel against them.

Great article on the rise of mobile payment systems and how businesses who in the past may have been cash only or otherwise are seeing increased sales as the ability to take credit card payments with little hardware and software infrastructure costs. Down the street from me is probably my favorite Rib joint in town, Uncle Rodney's House of Ribs is the name. I love that place, but rarely go because they are a cash only business due in large part to the fact that the owner does not wish to pay for wireless or otherwise internet related services to make his business able to accept credit cards. What are everyone's thought to the increased use of mobile payment systems for restaurants and other businesses?

This is an interesting article, and it is quite amazing to see how the way of payment is drastically shifting with new technological devices such as smartphones, card readers. Just a couple of years ago, if I wanted to buy something online, I had to start my computer then go on whatever website I bought something from which took some time. Now, however, I don't even have to turn on my computer to purchase something on the web because I can buy many things through my smartphone whenever and wherever I want. It is a lot easier and faster than what it used to be.

Spasibo bolshoe za interesting article! Ona mne ochen pomozhet v moem research!

It is hard to forget how thousands of Target customers financial information was compromised last year due to a breach in security of the company's POS. Target is not the only company that has been infected with this program that steals credit and debit card information. Actually, there have been more than a thousand businesses affected by this malware that has come to be called "Backoff." The malware targets POS systems and has stolen millions of credit card numbers as well as personal information on millions of customers. A large majority of cybercrime is focused on attacking business's POS systems. The malware attacks systems by going through a list of common passwords until it is able to hack the system. "Backoff" then disguises itself as a compatible Java component and collects credit card information. However, Apple has recently announced Apple Pay and many believe this can diminish a lot of cybercrime.

It is hard to forget how thousands of Target customers financial information was compromised last year due to a breach in security of the company's POS. Target is not the only company that has been infected with this program that steals credit and debit card information. Actually, there have been more than a thousand businesses affected by this malware that has come to be called "Backoff." The malware targets POS systems and has stolen millions of credit card numbers as well as personal information on millions of customers. A large majority of cybercrime is focused on attacking business's POS systems. The malware attacks systems by going through a list of common passwords until it is able to hack the system. "Backoff" then disguises itself as a compatible Java component and collects credit card information. However, Apple has recently announced Apple Pay and many believe this can diminish a lot of cybercrime.

The article highlights the top five risks and security challenges in the hospitality industry. The following are the top five security risks according to the article. 1. Identity theft leading to credit card fraud - compared to other industries, the hotel industry is at more risk for credit card fraud and identity theft. This is because hotels are highly targeted by hackers. Hotel properties for the most part have credit card information for each and every guest that has stayed at a specific property. Hotels must be ahead of the technology curve when it comes to security however this is not always the case. 2. Silent invasions - This consists of all the cyber attacks that can affect a business by infecting the network. As discussed during the first module, hotels run majority if not all of their business using technology. If a hotel were to have their networks hacked it would leave them in a very bad situation. Since hotels operate their entire business using technology and multiple different systems, they would not be able to operate if they experienced a network breach. 3. Longer or no security audit cycles - Most branded hotels are required by the franchise to have consistent security audits done for each property. Independent hotels are deemed greater at risk for a security attack because they are not mandated to have security audits. These hotels sometimes skip audit cycles to save money. 4. Physical crime - This ranges from professional robberies to drug laps in hotel rooms. Hotels are at risk for armed robbery due to to lower chance of security compared to other industries that operate overnight. 5. Reputation risk - Hotels that experience a security breach almost always will see some sort of loss in competitive advantage. Nowadays with social media and the news travelers are more aware with what is going on and they would be more inclined to book their reservation somewhere else if they heard of the property having a security breach.

Hotels have to comply with Payment Card Industry Data Security Standards, which are constantly updated since technology is developing. Also, 'the hotel industry has unique vulnerabilities to credit card theft', since the cards should be available over the long period of time, and to different 3rd parties as well. The new technology will encrypt credit card information at the point-of-swipe, and the number never gets to any other place in the hotel or other business. The other issue is payments on mobile devices. Where it is advised to encrypt information prior to using the device, and avoid "bring you own device policy'.

This article introduces the Secure Payments Framework in Hotel Technology Next Generation (HTNG) Conference. The Framework applies mobile payment and cloud computing technology to reduce the cost and complexity of satisfying the Payment Card Industry Data Security Standards. The credit card security is a big challenge for all hotels, especially for the small hotels, lacking expertise and budget to protect customers' card information. There are many advantages of the new card framework. Firstly, the new Framework can encrypt the credit card information at the point-of-swipe. In this way, the card number can't be stolen by other systems. Secondly, it is scalable for different sizes of hotel. Thirdly, new guidance is made for accepting payments on mobile devices. Before processing payment, the merchant need encrypt cardholder, to make sure more security. What is more, new policy on cloud computing. The cloud service provider and its clients are both responsible for the security of cloud data. The policy also need merchants to evaluate competing cloud services and carefully pay procedures.

This article is about the concern of customers paying their purchase online, and not through a machine as is the most typical way to do it. But for many this transaction is not safe at all, there could be hackers that can make fraud. This is why two of the most popular CC companies has developed the Visa's 3-D Secure™ and MasterCard's 28SecureCode™ to keep their customers safe, these cards requires a personal security code for every transactions and other personal information in order to keep the purchase safe and some others requires a monthly fee to obtain this service.

Gaylords Hotels has added the POS system for their customers to experience. POS stands for Point Of Sale. Its a small devices that allows an employee to charge the customers credit card right then and there. No cashier, no register. The article elaborates on how the hotel has implemented this systemin their pool area. It discusses how pool attendants spend so much time walking back and forth which eventually makes the order longer. This system allows the employee to charge the credit card and print the receipt right then and there, saving a few trips. This should be implemented in most places saving time and preventing a slick employee to steal someones credit card information

This article describes one of the worst situations that could occur when operating a hotel. According to the text, Wyndham Hotel Group failed to implement a strong enough security system, resulting in hackers breaching the network and stealing over 600,000 credit card numbers and over 10 million dollars in fraudulent charges. The FTC is suing Wyndham Corporation for failing to take the proper security measures to guarantee the security of the most important customer information. The FTC also states that Wyndham used improper software configurations that presented credit card information in a manner that was clear and easy to read. Michael Valentino, spokesman for Wyndham Worldwide, the company made prompt efforts to notify those whose information had been compromised and according to Valentino, no hotel customer had experienced a financial loss as a result of the attacks.  Despite Valentino's claims, the FTC is suing Wyndham for unfair and deceptive practices in failing to protect the privacy and personally identifiable information about guests. The FTC claims that Wyndham failed to address the security failures that occurred after the first breach in 2008 and did not implement technology that could have detected unauthorized access to networks. In 2009, hackers used similar techniques to break into the network again as steal as much personal information as they could. 

This article was very enlightening on the recent advances of POS technology in the hospitality industry and the new developments that keep evolving. The article presents areas were recent advances have helped to improve the "effectiveness of a business and relationship with their customers". As stated in the article with the use of "cloud-based systems, the latest i-trends and the growth of Near Field Communications", the hospitality industry POS technology will move very far. Three key areas were discussed; "Point of Sale on the move" which referred to using a browser on any mobile device to obtain necessary information while you are on the move or away from the business. The second area was using a POS system on a tablet or smartphone that would be able to provide more useful information than tradition POS systems in a lightweight manner with more flexibility. I can attest to the real need for this advancement because working in an establishment that has the traditional POS systems has proven when there is a problem trouble shooting can be very difficult. A process as simple as getting your technical support team to make changes in your POS system can be a nightmare, when your system does not have updated software. We experienced that issue this week, when technical support attempted to access the system and could not locate the license agreement after hours of searching for a key we found a device that was attached to the printer cable in the back of the CPU. All of the unnecessary time spent on that one event could have been eliminated if some of this new technology was in place. The last area the article referred to is "Marrying POS and NFC". This new development is hoping to eliminate the need for carrying money or credit/debit cards and enable consumers to use mobile devices to process all transactions. I believe this would be very beneficial in the hospitality industry not only from the point credit card fraud but also it eliminate