As has often been said, the development of the Internet and communications has enabled a wide transmission of information from one side of the planet to the other, however it has also opened the possibility for criminals to obtain money and data from people without having to move more than eight fingers on top of a keyboard.By: Ana María Restrepo
Information Technology (IT) is not only immersed in those industries that refer to engineering, but it is found in each of the economic sectors among which can be found that of hospitality.
The development of Web 2.0 created a greater interaction than it had with Web 1.0, enabling the appearance of blogs, social networks, interactive games, among others. In the case of hospitality, advances in 2.0 helped hotels create booking platforms that allow travelers to book online from anywhere in the world and at any time, but it is at this point that a question arises: how secure is it to send booking information over the Internet? The main idea is that every time data is sent, it is encrypted to prevent it from being intercepted by cybercriminals who only seek to do harm.
To answer this question more precisely, HOTEL AND RESTAURANT MANAGEMENT invited four professionals from companies that develop reservation software and special systems for the hospitality industry.
Juanpablo Lajud, CEO of Innomius Technologies, explains that the world of reservations is made up of multiple interfaces, including inventories and banking interfaces. These interfaces are indispensable so that customers can actually shop online and not just request or book. "Because multiple systems exchange information, there are some steps and points where there need to be security considerations for both the end customer and the service provider. And it is the supplier who is responsible for the protection of both parties."
Common protection
The security systems that must be implemented are many and it must be taken into account that every time technology advances, the techniques of criminals improve seeking to violate these systems, so, as Juan Carlos Otoya, general manager of Zeus Technology, says, the important thing is not to trust and mount data validation schemes that minimize risk.
For Joe Hyman, president and CEO of Vizergy, all reception of personal data online is accepted through an SSL encrypted website, Secure Socket Layer protocol, which can be seen when the URL of the page begins with https://www, where the 's' represents SSL. Which means that data is transmitted securely against attacks.
Gladys Villa, administrative manager of Consisho Mexico, agrees with Joe and adds that any online booking system must meet the minimum security requirements for publishing keys and passwords on the web.
But beyond this basic security, Lajud comments that both the buyer and the seller must be protected; the first through a secure protocol that includes the relationship between the customer and the website, the site and the bank, as well as between the site and the inventory interface. The seller is protected with the aforementioned system, also adding a bank that uses buyer authentication mechanisms and assumes responsibility for a charge once when authorized.
Behind a reservationThe different booking solutions are characterized by being more than just a website. Many of these become a log engine that allows a large amount of data to converge in instants. Some others are a complete online sales portal from where the establishment captures reservations from all sales channels. They give the information of the property: photos, amenities, rates, promotions, packages, etc., and the client is sent a confirmation email with additional information on airport, exchange parity, transportation, among other data.
Juan Carlos Otoya explains that there are many methodologies to handle online reservations, "normally people believe that if there is online payment the reservation is in the same sense and in reality it is not so, one could even put a reservation form, inform how much it is worth and set up a payment gateway and you would have online reservations. The truth is that the most sophisticated form of online reservations is by making use of web services that allow in real time to update the data of the hotel system of the establishment".
There are also other methodologies that give hotels tools to increase the availability they want to offer, maintaining control of it to close in situations of oversold and what interfaces with the hotel system and allows to confirm reservations almost online.
Encrypted hotel system
When implementing a booking platform, it must be taken into account, as Lajud affirms, that there is a very great risk in electronic commerce for those who provide products or services through it.
Most hotels implement their online reservation systems in partnership with the manufacturer of the hotel system they use: "There are travel agencies that have reservation systems with an interface to hotels and reservation centers concentrate the information normally in their own databases and handle the issue of availability by quotas given by hotels or allotment (quota that a tour operator has with a hotel)" says Otoya.
Juanpablo also adds that today there are many consumers who book online, even some who were reluctant to the technological revolution have been encouraged to look for rates on Internet sites.
When these people make a transaction, the information they provide is encrypted and stored in a database that is accessed through a protected page (SSL) and a password. Transport Layer Security Protocol (TLS) is also used, whereby information is compressed, encrypted, and packaged. All this in order to make it immune to attacks; most software uses security standards such as those of banking and financial institutions.
Being clear that all this data is sent over the Internet and that the degree of development of criminals is increasing more and more, it is worth asking what can happen when a hacker intercepts the information of the reserve?
Juan Carlos believes that with this data what could be done is to offer the client the services of the competition, use the address data, telephone, etc., for criminal acts even, but regarding the issue of credit cards a high security is handled and it is not very possible that information is taken from there.
For his part, Lajud states that when information can be stolen through a program that makes interventions in the network (sniffing) and that listens to all the packets that are running on the network to which the hacker has access "he can easily intercept information packets. If the system making the reservations uses an SSL tube, this hacker even though he has the package, will not be able to access the information contained."
The theft of information through fake sites occurs when a hostile application is installed on the user's machine and it alters a file (hosts) that all operating systems have. The way to operate is that the hacker prepares a site that is identical to the one that the user probably enters regularly and there he asks for his username and password, so that he keeps the information of the Internet user on a site that is not the real one.
As mentioned above, the information that comes from credit cards is high, additionally the origin of a credit card can be known through payment gateways, as they include the online card validation service reported as stolen and they are the ones who approve or not the transaction, and since there will always be a risk that must be minimized, therefore, many of the hotels carry out virtual transaction confrontations with the payment gateway provider.
Leave your comment