Travelers Worry About Loyalty Program Data Breaches

A new study looks at frequent travelers’ expectations for data protection and offers recommendations for reducing the threat of a data breach.

In a new study released by Deloitte Consulting, there is a clear difference between what frequent travelers expect in terms of loyalty data protections and the reality of what — and how — this data is secured.

Based on a survey of 1,000 frequent travelers, the study notes that while 33 percent of respondents feel their loyalty accounts are secure enough, 75 percent expect travel companies to secure their personal information to the same — or an even a higher — standard as a financial institution. However, Deloitte notes, this type of data is not governed by the same rules that protect things such as credit card data files.

Rewards programs information “by its very nature is not anonymous, and there is not always a requirement for it to be encrypted,” the study reports.

“Travel companies often partner with one another or with third parties and lifestyle brands … Most of these initiatives involve sharing customer information,” the study goes on to add, pointing out that such initiatives can make the data vulnerable to outside sources.

Given that the security of sensitive personal information, such as credit card numbers and social security numbers, is a top concern for most consumers today, Deloitte’s report notes that “companies that collect this and other personal information have a wider duty to protect it. Most consumers don’t make a distinction between travel companies and companies in other industries when it comes to this responsibility.”

Jean Medina, a spokeswoman for the Airlines for America (A4A) trade association, told the Los Angeles Times that the industry works hard to keep loyalty data safe. “Airlines know how important customer information is, and they have transparent privacy policies and are vigilant in protecting customer data,” she said.

The Deloitte study recommends travel companies work with consumers to help develop practices that can reduce the threat of data breaches. For example, consumers’ security practices are weak in the wake of maintaining so many accounts, apps, online tools, social media and more. Only 21 percent of Deloitte’s study respondents change their passwords at least once per quarter, and 53 percent use the same password for multiple accounts. Education campaigns, periodic reminders, offering points to change security credentials, and offering free or discounted tools to manage passwords are some of the recommendations put forth in the report.

“[Companies] that go the extra mile to secure traveler data — and to engage customers in the process — will be able to claim customer care as a core element of their brand,” the study concluded.

[Photo: iStock]