Minimizing data hacks and breaches: A 3-step guide for hotels

2018 was a particularly challenging year for big hotel chains like Marriott International and the Radisson Hotel Group, with reports of customers’ data being at risk because of data breaches and potential data hacks. According to HotelNewsNow.com, “more than a dozen data breaches have been reported by hotels” over the last decade – and it is feared that this number will only continue to grow.

A large amount of personal data – details across identification, reservations and even preferences – is transacted with and stored in the hotels’ databases every day. Thus, when these databases are hacked and data is breached, there is an abundance of information for hackers to commit financial fraud with.

So, how can hotels continue to remain secure in the face of hackers and breaches?

1) Avoid storing data in one premise

Just like the saying “don’t put all your eggs in one basket”, the same goes to the storing of data. Consider storing them in multiple “compartments” or locations regardless of on-premise or cloud servers, with unique passwords associated with each. By keeping data separately, this could prove to be an effective deterrent for hackers, as the retrieval of data from a property management system (PMS) could instead be cumbersome and time consuming.

2) Use minimum data – and encrypt it

Hotels should take advantage of data minimization and retain only the necessary information needed for the respective transactions – in other words, to adopt the practices of decluttering guru Marie Kondo when it comes to data. Minimizing data could mean the use of only email addresses and verified digital identities for validation upon check in. Other information like passport number and selfie images (used during check in) should be purged as soon as possible, so as to prevent any leaks in the event of a data breach.

Encryption – encoding and privatizing information for an intended recipient – is also an important step when storing or sending data, to protect your guests’ vital information.

3) Leverage on suitable artificial intelligence and computer vision technologies

Ultimately, hotels are obligated to protect guests’ personal information, which is voluminously collected on a daily basis. Storing sensitive data such as passport scan images are dangerous. It is better to apply machine-learning recognition technologies allows for a safer, quicker and more accurate way to verify user identification data, and then discard it after the verification is complete.

For example, GTRIIP’s mobile check-in solution interfaced with government driven initiatives such as E-Visitor Authentication (EVA) system utilizes the patented Passport Data Page Detection models to verify photo IDs that are not easily validated by the naked eye, minimizing human error; and complete the hotel check-in without having to store any personally identifiable guest data on premise or cloud.

With such technologies available, hotels no longer have a reason to manually check through one passport at a time.

Find out more about GTRIIP’s check-in solutions here.