How Mobile Apps and Cyber Security Affect Your Operation

By Marc Stephen Shuster Partner, Berger Singerman | January 08, 2017

Co-authored by Andrew Hinkes, Partner, Berger Singerman

Cyber threats have seized the spotlight in 2016. From enterprise data breaches costing millions, to the emergence of fraud and hacking as an on-demand service, to the politically-inspired interception and disclosure of the US Presidential campaign’s emails and, some have alleged, the hack of the election itself, cybercrime emerged from the realm of cyberpunk fiction and established its place as a mainstream social, economic, and political force in 2016. The rise of hacking has been driven by three factors: the pervasive use of network driven technology, the use of aggregated electronic data by companies, and the fluid resale market for stolen personal, financial, and healthcare information.

As the hacks of Trump, Starwood, Hilton, Mandarin, and Hyatt clearly demonstrate, the hospitality industry is near the top of hacker’s lists. Why? Hotels aggregate and share valuable data about their customers. Beyond payment information common to all e-commerce, hotels aggregate data about their guests that may include medical ( guest food and environmental allergies, alcohol consumption, use of gym and spa facilities, requests for medical assistance ), reputational ( damage to rooms, grant of guest access to others ), logistics ( arrival and departure time, on-site transportation bookings ) and information regarding third parties ( through potentially access to guest social media and email systems accessed on guest devices through hotel wifi ). For hotels that pride themselves on service, privacy, and discretion, the loss of consumer trust caused by a data breach or a hack of guest information can shatter the brand’s reputation and impact the bottom line.

However, as long as consumers demand increasing convenience and access, hospitality retailers and service providers will continue to innovate. The recent trend in the hospitality industry is toward increasingly sophisticated mobile applications, leveraging the power of the ubiquitous mobile device. Unlike other data-centric business sectors, however, hospitality traditionally has not invested heavily in IT, which may result in continued reliance upon neglected and vulnerable systems. Efforts to secure user-facing devices ( like computer kiosks, in-hotel wifi networks, and company web sites ) are no longer sufficient, as data repositories are shared and accessed by vendors on a variety of access devices and platforms. Hackers have adapted and now focus their attacks on less secure, non-PC devices like routers, networked photocopiers, and IoT-enabled or automated utility devices, and then leverage that access to reach otherwise secured devices that store consumer data and financial information from within the network. Even well defended networks remain vulnerable to social networking, or the theft of access credentials from trusted partners, including vendors. Thus, cyber security, once viewed as a cost center for IT departments to manage, has emerged as a primary business imperative, critical to maintain customer trust and avoid regulatory criticism, and significant legal exposure.

Potentially compounding these risks is the emerging demand for mobile applications and streamlining of the guest experience through guest-directed automation. Increasingly, mobile applications are used by hotels as the keystone for the customer experience. Mobile app driven or kiosk mediated check-in and check-out are becoming commonplace. Some mobile applications allow smart devices ( using Bluetooth or NFC communication protocols ) to function as door keys, granting ( and limiting ) access to guest rooms or designated hotel amenities. Those mobile apps may also allow the guest to customize their hotel room environment ( by controlling room temperature, lighting and, in some cases, pre-ordering bonus amenities ). Hotels, eager to monetize these new platforms, have begun to exploit the marketing potential of these applications, suggesting local vendors and activities to guests based upon activity profile, demographic information, and geolocation data collected and provided by the application using location-specific beacons.

While mobile applications may enable an unprecedented guest experience and create efficiencies and cost savings for the hotel, these applications invite serious security concerns. Mobile application development varies significantly from that of traditional software; apps are intentionally easier to develop which has encouraged less experienced developers to quickly bring to market offerings which may not have been as extensively tested as traditional software. Some developers, perhaps lacking a security background, may rely on unsecured or untested code libraries, or simply lack appropriate experience and knowledge to create apps with security in mind. Although most major companies invest heavily in their consumer outreach, many well-known brands have published and widely distributed mobile applications with major security vulnerabilities.

Hotel Newswire Headlines Feed  

Joey Yanire
Scott  Watson
Banks Brown
Jerome G. Grzeca
David C. Marr
Coming up in January 2018...

Mobile Technology: Relentless Innovation

Technology has become a crucial component in attracting and retaining hotel guests, and the need to enhance a guest’s technology experience is driving a relentless pace of innovation. To meet and exceed guest expectations, 54% of hotels will spend more on technology in 2018, and mobile solutions in particular will top the list of capital investments. Many hotels are integrating mobile booking, mobile keys, mobile payments and mobile check-in into their operations. Other hotels are emphasizing the in-room experience, boosting bandwidth and upgrading flat screen TVs to more easily interface with guest mobile devices. And though not yet mainstream, there are many exciting technology developments on the near horizon. The Internet of Things (loT) is taking form in some places, and can be found in guest room control systems, voice activation systems, and in wearable sensors that can be used for access and payment options. Virtual reality headsets are available at some hotels so guests can enjoy virtual trips to exotic locations or if off-property, preview conference facilities and guest rooms. How long will it be before a hotel employs a fleet of robots for room service, or utilizes a hologram as a concierge, or installs gesture-controlled walls that feature interactive digital displays? Some hotels are already using augmented reality for translation services, or interactive wall maps, or even virtual décor. This pace of innovation is challenging property owners and brands to stay on top of the latest technology trends while still addressing current projects. The January Hotel Business Review will explore what some hotels are doing to maximize their opportunities in the mobile technology space.