By Rurik Bradbury, chief marketing officer at Trustev
Industries like retail, financial services, and insurance have made combatting fraud a priority, but unfortunately the travel industry is still miles behind.
Industry insiders peg the amount lost to fraud at about 1% of revenue, with commercial airlines generating about $727 billion in combined revenue in 2015, these companies have lost roughly over $7 billion to fraud last year alone. That’s the equivalent of putting 24 million domestic flight tickets or nearly 20 Boeing 747-8’s straight into online fraudsters pockets.
Travel fraud protection is an issue of great urgency to the larger global community, as it offers online criminals benefits beyond just money – namely stolen airline tickets for the drug trade, human trafficking, and more.
Despite these ramifications, the travel industry and law enforcement agencies are only just beginning to stem the growth of airline fraud, not to mention hotel and hospitality hacks like those at Hyatt, Hilton, and Starwood in the past year.
So, how did such a grave problem even start? The rise of digital technology and corresponding decline of human representatives removed a vital protection that airlines had against fraud: human common sense.
While they may be less efficient, people simply have a much more astute ability to identify shady purchasing behaviour than automated e-commerce platforms.
Yet this shouldn’t send us all pining for the days of brick-and-mortar travel agencies. In fact, airlines’ best hope in 2016 is to prevent fire with, well, fire.
By investing in new technologies, airlines can not only stop ingenious hackers in their tracks, but also fortify the key aspects of airline commerce that have become vulnerable with the rise of digital systems.
The advent of travel e-commerce in the mid-1990s allowed companies to offer a faster and more convenient reservation and buying experience. But this also created a major white space that fraudsters have taken full advantage of.
Like other e-commerce companies, travel booking websites offer online criminals a wealth of personal consumer data, with the added bonus of free travel tickets. When paired with other stolen information on the dark web, this data allows them to create full personal and financial profiles of unwitting consumers.
Many other e-commerce companies combat this issue with human transaction reviewers, which is not feasible for travel and hospitality companies whose customers rely on near-instantaneous reservation delivery.
Instead, travel websites should implement machine learning technologies to secure their systems. Fraudsters exploit e-commerce travel websites because their current technological infrastructures don’t notice the suspicious incongruities the way a human travel agent would.
Machine learning technology mimics human intuition through pattern recognition, allowing websites to secure their transactions without sacrificing customer experience.
Self-service check-in kiosks have become ubiquitous, and travellers increasingly use them as a more convenient option to desk representatives. They are also one of the easiest targets for fraudsters.
Kiosks function as card-only point-of-sale (POS) systems for seat upgrades and baggage purchases. As a result, fraudsters can easily steal full credit card numbers from these systems to make illegal purchases.
POS fraud is possible at manned registers as well, but the card readers at check-in desks are monitored more closely simply because human employees operate them. This is also a major issue at hotels, as Hyatt just learned the hard way – hotel POS systems are rarely equipped with the right technology to prevent hacks, making them easy targets for criminals.
To add an additional safeguard against fraud at the kiosk, airlines, hotels and other travel companies should follow in brick-and-mortar retailers’ footsteps by implementing EMV compliant POS systems.
EMV compliant systems require chip-and-pin cards for purchasing, which adds an additional level of security that makes it much more difficult for fraudsters to steal information. A few international airports have just begun to roll out EMV compliant kiosks, and I expect to see the trend grow this year.
Aircraft are no longer as off-the-grid as they used to be. With the switch to digital, in-seat tablet POS systems have become a staple of the flying experience. As in-flight Wi-Fi connections improve, more airlines are connecting POS systems to the internet to combat long-standing credit card fraud issues.
Unfortunately, this shift has also opened them up to more online fraud and hacking. In fact, a 2014 study from AirInsight showed that up to 57% of aircraft POS systems aren’t properly secured from hackers, leaving passenger credit card information vulnerable.
Aircraft have also become more mobile-friendly in the past couple of years. As a result, airlines should look to focus their connected POS systems around mobile payments, which are far more secure than traditional credit cards.
Mobile payment apps like Apple Pay and Samsung Pay rely on token systems, which add an extra barrier to the payment process. This keeps sensitive information out of airline’s vulnerable systems and away from hackers.
Mobile payments also require less legwork on the part of the flyer, most passengers keep their phones with them throughout the duration of the flight anyway, making it simpler for them to pay for goods in-flight without needing to dig their wallet out of the overhead bin.
Intuition has been the human safeguard since the time of cavemen, and today we’re lucky to be surrounded by technology that can mimic that same thinking.
Technologies like machine learning, chip-and-pin POS, and mobile payments are finally capable of making airline travel an automated digital experience without sacrificing security.
Now it’s on travel companies to take the necessary steps to secure their futures, and ours.