Mark Bower, global director of product management for HP Security Voltage, commented on news of a possible credit card data breach at the popular Hershey Park amusement park in Pennsylvania.
Mark Bower, Global Director of Product Management for HP Security Voltage :
“Resorts and hospitality service providers have additional challenges to deal with in respect to payment card security.
Card on file transactions are common, meaning card data is often stored longer than typical retailers to maintain customer bookings and for resort service charges after check-in. Feeds from online booking systems often channel card data from various sources and third parties over the internet, creating additional possible points of compromise. Partner booking systems accessing the hotel platforms also present additional risks and malware paths for entry to data processing systems to steal sensitive information.
However, resorts and hospitality organizations can avoid the impact of the advanced attacks common in the retail segment.
Proven methods are available to neutralize this data from breach either at the card reader at the POS in person or via web booking platforms. Leading travel related organizations, airlines, travel booking aggregators have adopted these data-centric security techniques with huge positive benefits: reduced exposure of live data from the reach of advanced malware during an attack, and reduced impact of increasingly aggressive PCI DSS 3.1 compliance enforcement aimed to making data security a ‘business as usual’ matter for any organization handling card payment data.”