by Ryan Taylor
Recent news about fraud in the travel industry may not come as too much of a surprise, given the high profile attacks on major hotel chains and airlines affecting millions of customers. Travel industry fraud is getting worse, with a recent PwC report saying the travel industry trails only the retail sector in the number of cybersecurity breaches or fraud attempts.
Some of the latest attacks have staggering numbers, affecting hundreds of millions of customers, and include particularly sensitive data, such as payment details and passport numbers. This is data that can be used beyond single fraud attempts for longer term, more complex, and more damaging crimes, such as identity theft.
Assessing The Impact Of Fraud In The Travel Industry
How bad is it? Here are some numbers that should put fear in the hearts of travel companies:
- The cost of payment fraud to the airline industry each year is $858 million according to IATA.
- Forter reports that there was a 19% increase in fraud on land travel services last year.
- There were $5.2 billion spent in fraudulent and misleading hotel bookings in 2017 according to a survey commissioned by the American Hotel & Lodging Association (AHLA).
For more see: Data Breaches Continue To Plague The Travel Industry
These numbers show that fraud is hitting all areas of the travel industry, and in many different forms. The high volume of transactions, large value transactions, rapid pace of transactions, large number of suppliers, and the global nature of travel purchasing all lead to the prevalence of fraud in the industry. The sensitive nature of data can also attract fraudsters, who can use that data for malevolent purposes.
What Can Travel Companies Do To Prevent Fraud?
1. Stay current on the types of attacks happening in the industry, down to a product level.
The hotel industry may see different types of fraud than the cruise or airline industry. Even within categories, there are differences. For example, major airlines are targeted 37% more often than low-cost carriers, according to a fraud report from Forter. Companies expanding into new markets or introducing new products or services should fully understand the risks and threats of the new spaces they’re entering into.
2. Find the right balance of enhancing your customers’ online experience and protecting their data.
In the battle for online customers, the customer experience has been emphasized, resulting in the frictionless online transactions that customers love. In some cases, this can come at the expense of implementing identity verification measures, which can be seen to potentially contribute to abandoned purchases.
Successful companies will need to find the right mix of intelligent fraud detection in order to prevent fraud while giving customers a seamless experience. This is even more critical in markets where regulation calls for stronger customer authentication measures (for example, in the EU two-factor authentication will need to be in place for online purchases by September 2019).
3. Know your suppliers and your customers.
Knowing your suppliers and forming solid relationships with them can help your company better prevent and detect fraud. Knowing your customers is also critical. If your company does business in different regions, be sure you understand the differences in how customers behave in those regions. This knowledge can help inform your fraud strategy.
4. Protect your customers’ data at all costs.
Instead of passing customer payment information along to suppliers, use the merchant model with a separate payment method instead. Collect payment using your secure systems, and then pay suppliers using a separate secure method such as virtual card numbers (VCNs).
VCNs are used for one transaction only and controls can be set to limit how the number is used. When you protect your customers’ data, you protect your own reputation.
Fraud is not going away, and fraudsters will continue to change their tactics and get more sophisticated with each passing year. In the fight against fraud, knowledge is power. Companies that know their industry, their suppliers and their customers well will be better positioned to detect and prevent fraud. The bottom line is that companies must find a way to protect their most important asset – their reputation.