Hotels have been urged to do more to protect their payment systems against cyber fraud.
The call came from Visa Europe as it published a whitepaper aimed at helping the hospitality industry safeguard customer data.
‘Hospitality Breaches on the Rise’ offered insight on how cyber-criminals target hotels and guidance on how data can be protected to help businesses comply with the Payment Card Industry Data Security Standard (PCI DSS).
The report was collated following research by forensics investigator Trustwave that found 38% of all card “compromise incident investigations” last year occurred in the hospitality industry.
Hotels are more vulnerable than other retailers because customer card data can be stored and retrieved at multiple pay terminals, such as the reservation desk, restaurant, bar, or for room service, internet access and online bookings.
Visa is introducing a range of guidelines for retailers including advice on emerging technologies such as data encryption and tokenisation, which help secure card data when it is either being moved or stored.
Visa Europe payment system risk senior vice-president Stanley Skoglund said: “Cardholder data held by hotels is a potentially lucrative hub of information for fraudsters who view the hospitality sector as an easy target.
“By understanding the nature of security threats and the preventive measures that can be taken, hotels can reduce the risk of compromise.
“Hotels make up a large proportion of data compromises and Visa Europe is keen to work alongside the industry on initiatives like this white paper, to help increase awareness, to help strengthen defences, and reinforce consumer trust.”