Skip to main content

Posted May 20, 2019



Recent news about fraud in the travel industry may not come as too much of a surprise, given the high profile attacks on major hotel chains and airlines affecting millions of customers. Travel industry fraud is getting worse, with a recent PwC report saying the travel industry trails only the retail sector in the number of cybersecurity breaches or fraud attempts.

Some of the latest attacks have staggering numbers, affecting hundreds of millions of customers, and include particularly sensitive data, such as payment details and passport numbers. This is data that can be used beyond single fraud attempts for longer term, more complex, and more damaging crimes, such as identity theft.

Assessing The Impact Of Fraud In The Travel Industry

How bad is it? Here are some numbers that should put fear in the hearts of travel companies:

For more see: Data Breaches Continue To Plague The Travel Industry

These numbers show that fraud is hitting all areas of the travel industry, and in many different forms. The high volume of transactions, large value transactions, rapid pace of transactions, large number of suppliers, and the global nature of travel purchasing all lead to the prevalence of fraud in the industry. The sensitive nature of data can also attract fraudsters, who can use that data for malevolent purposes.

What Can Travel Companies Do To Prevent Fraud?

1. Stay current on the types of attacks happening in the industry, down to a product level.

The hotel industry may see different types of fraud than the cruise or airline industry. Even within categories, there are differences. For example, major airlines are targeted 37% more often than low-cost carriers, according to a fraud report from Forter. Companies expanding into new markets or introducing new products or services should fully understand the risks and threats of the new spaces they’re entering into.

2. Find the right balance of enhancing your customers’ online experience and protecting their data.

In the battle for online customers, the customer experience has been emphasized, resulting in the frictionless online transactions that customers love. In some cases, this can come at the expense of implementing identity verification measures, which can be seen to potentially contribute to abandoned purchases.

Successful companies will need to find the right mix of intelligent fraud detection in order to prevent fraud while giving customers a seamless experience. This is even more critical in markets where regulation calls for stronger customer authentication measures (for example, in the EU two-factor authentication will need to be in place for online purchases by September 2019).

3. Know your suppliers and your customers.

Knowing your suppliers and forming solid relationships with them can help your company better prevent and detect fraud. Knowing your customers is also critical. If your company does business in different regions, be sure you understand the differences in how customers behave in those regions. This knowledge can help inform your fraud strategy.

4. Protect your customers’ data at all costs.

Instead of passing customer payment information along to suppliers, use the merchant model with a separate payment method instead. Collect payment using your secure systems, and then pay suppliers using a separate secure method such as virtual card numbers (VCNs).

VCNs are used for one transaction only and controls can be set to limit how the number is used. When you protect your customers’ data, you protect your own reputation.

Fraud is not going away, and fraudsters will continue to change their tactics and get more sophisticated with each passing year. In the fight against fraud, knowledge is power. Companies that know their industry, their suppliers and their customers well will be better positioned to detect and prevent fraud. The bottom line is that companies must find a way to protect their most important asset – their reputation.


Ryan Taylor

Ryan has over fifteen years of technology, payment and banking experience with a proven track record of using technology to solve complex business challenges. Prior to joining WEX, Ryan built and led large-scale, business-focused technology teams at Capital One that supported the Treasury Management and Capital Markets lines of business. In the last 2 years, he assembled a team of over 100 engineers and implemented a 100% agile development shop to drive innovation in Corporate Payments. Ryan holds a Masters of Business Administration from Rockhurst, Graduate Certificate in Systems Engineering from Johns Hopkins University, Bachelor’s Degree in Computer Science from DeVry University, and several professional certifications (Certified Treasury Professional, Project Management Professional, & Six Sigma Green Belt). Ryan is a board member for the Boys and Girls Club of Southern Maine (BGCSM) after having merged the resources of BGCSM and WEX to create CodeX, a community program to teach kids coding and expose them to STEM learning.

Related Posts