In the hospitality business, your aim is to make guests feel welcome. But there is one exception: hackers. They are the unwelcome guests on your network. Here are some tips to keep them at bay.
One: Tokenise Card Data
Tokenisation replaces sensitive card data with, you’ve guessed it, a token. This can be used across various front- and back-end systems instead of the real card data. If a hacker were to access your network, they would merely find random strings of numbers. This is no use for making payments and cannot be linked to real card numbers.
Many of our customers use our tokenisation service. We can also securely tokenise stored card numbers without completing a transaction.
Two: Encrypt Card Data
Encryption ties hackers into a double bind, particularly when used together with tokenisation. Encryption scrambles sensitive data. If a hacker were to harvest encrypted data, they could not use it unless they had the decryption keys. We keep these safe in our secure data centre.
We offer a point to point encryption application centred around the POS device and the connection to PXP, as well as an end-to-end encryption solution. Customers usually choose one of these. We’ve written about the differences between them in point to point encryption: application or solution.
Three: Train Staff
Your staff are your first line of defence against hackers, whether they strike in person (e.g. modifying or removing POS devices) or via the internet. Train your staff. Train them well. Keep training them. I’ve recently heard this described as: lather, rinse and repeat.
Making the training relevant to job role and to life outside work helps it to stick. Almost all your staff have a personal smartphone and use the internet. Tips on how to stay safe online, avoid phishing scams etc. are relevant to them personally as well as professionally.
Four: Choose Security Over Compliance
Our first three tips offer practical examples of steps hoteliers can take to be more secure. However there is no silver bullet to security — unfortunately. We advise adopting a matrix of measures so the protection afforded is greater than the sum of its parts.
Security is an ongoing process, rather than a one-off or one-and-done event. Choosing to prioritise security over compliance emphasises this. Plus the important cultural and mindset shift needed to deliver it.
Five: Use A Hosted Solution
Outsourcing payment security to a trusted partner as a fully managed, hosted solution has many advantages. It helps save you time internally in keeping up-to-date with industry standards. There is no need to recruit, retain and train your own experts. And it helps you cut costs by piggy-backing off the developments your provider does for their client base as a whole.
Our data security solutions are secure. They’re agnostic which makes things easier for you. Whatever terminals you have, whatever applications you run, whatever financial institutions you work with, our solutions will integrate with them. And they’re easy to deploy wherever you are in the world (via remote key injection).
How PXP Financial Can Help
We build our solutions on these principles. And the idea that every customer is different. There is no one-size-fits-all approach to data security. So get in touch for a free consultation about your particular needs.
Or for more information, please see our Hospitality Guide.
PXP Financial
The End-to-end payment platform
PXP Financial provides a single unified payments platform to accept payments online, on mobile and at the point of sale. Powered by inhouse global acquiring, 200+ alternative payment methods & financial services, PXP processes over EUR 16 billion annually through our unified gateway.
Whatever your business needs today or tomorrow, PXP Financials’ innovative payment platform will support your business growth with all the payment services you will ever need from one source, wherever your business takes you.