The Mandarin Oriental hotel chain recently became the latest big business to suffer a data breach, sounding a call to the hospitality business to shore up security posture.
The weak point for hotels is pre-encryption, the point between when the card is swiped through relatively old hardware that's part of potentially outdated hospitality management platforms and the payment gateway.
Whether it is code or hardware that is placed between swipe and encryption of card data, it is relatively simple for a person who understands how payments work to find a way to pull credit card information.
For a company such as the Mandarin Oriental, payments are a constant. So as a hospitality business looking to create the best experience for their customers, why doesn't it consider payments as a core aspect to that business? There are ways to protect and encrypt the credit card from the moment it hits the computer (or tablet) before it reaches the gateway and makes its journey to the acquiring bank and card network.
Apple has taken a big step towards consumer adoption of newer payment technology. Yet aside from Apple, it is unfortunate that companies, especially higher profile ones, do not become experts in an integral aspect of their business operations. Why dont these businesses have higher expectations of the platforms that they use?
All of the buzz surrounding mobile payments aside, it's not a new technology. Near Field Communication payments have been around for a long time. With the arrival of Apple Pay, mobile payments are expected to supplement further growth such as Apple Watch. Apple Pay may be considered to be the leader in mobile payments because their platform, above all others, has delivered a great experience within a known and loved device, resulting in mass adoption.
As the mass adoption of this new technology continues, mobile payments will continue to gain momentum for the simplicity it brings to the end user. Consumers will want to use it because they feel they could make their lives easier by not needing to carry so many cards. From the perspective of a merchant, they will consider what technology will best allow them to accept payment, and how best to understand the rates they are paying. Meanwhile, hackers and fraudsters will continue to search for an opportunity to obtain funds by finding loopholes, either internal or external to the platform.
Apart from the increased attention, mass user adoption will create a stress test of the greatest level involving the payments infrastructure. Before the arrival of Apple Pay, the infrastructure hasnt required too much monumental change. Acquiring banks, payment gateways and the acquirers themselves have focused on one major aspect: merchant acquisition. With Apple Pay, infrastructure overhaul is brought to light, from the process of authorizing individuals, to how the card is input and encrypted via an NFC payments platform as well as authorization during payment.
Could The Mandarin Oriental have done a better job at protecting their customer data and their own infrastructure? I certainly believe so. Sometimes it takes a disaster to establish disaster prevention. The advent of the new will bring to light the weakness of the old, resulting in change for the acquirers, gateways, service providers, merchants and consumers. It will be a bumpy road, with more instances of fraud and hacks, but the end product will be faster, better and stronger.
David Bozin is vice president of growth development at Bindo.