NEW YORK—Three-quarters (75 percent) of frequent travelers expect their loyalty program data to be secured to at least the same standard as a financial institution—but only 33 percent feel their accounts are secure enough, according to a new Deloitte study, “Loyalty data security: Are hospitality and travel companies managing the risks of their rewards programs?”
Few frequent travelers appear fully aware of the wider risks involved when loyalty data—including travel schedules and other personal data—is lost or stolen. Roughly one in seven (15 percent) are simply concerned that a breach would result in a loss of loyalty points, while the majority of travelers (76 percent) worry about the loss of credit card numbers.
“Our study indicates a disconnect between travelers’ expectations and perceptions about the security of their personal data,” said Charles Carrington, partner, Deloitte & Touche LLP in the Travel, Hospitality and Leisure practice and author of the study. “Travelers consider protection of their physical security a basic expectation when they’re in a hotel or in the air. This responsibility now extends into the cyber world. Travel companies increasingly request that customers share a detailed level of personal information. hese same companies need to roll up their sleeves and move beyond mere policy compliance to ensure that customer data is truly secure. Failure to do so could not only frustrate, even endanger, travelers, but also cause serious reputational damage and revenue loss.”
Personal Preferences: Drawing the Line
While rewards programs are often a critical way for airlines and hotels to build customer loyalty, simply offering frequent traveler points is no longer enough. As a result, airlines and hotels are continuously looking for ways to personalize programs and tailor travel experiences. However, the study reveals the low level of trust in these companies’ security standards is restricting the amount and type of information travelers are willing to share.
Most consumers (93 percent) are willing to share travel preferences such as seating choices, and nearly three-quarters (74 percent) are comfortable sharing their food and drink preferences. However, many draw the line at sharing more personal information, such as hobbies (32 percent), geolocation (28 percent), and health and fitness records (7 percent).
Despite millennials typically being more receptive to sharing personal data with companies, the study revealed only a slight increase in the level of trust with loyalty programs—37 percent will share hobbies, little more than one-third (34 percent) will share geolocation, and just 14 percent are comfortable sharing health and fitness records with loyalty programs. Overall, only 40 percent of millennials believe their personal information is secure.
This reluctance to provide more personal details could limit the degree to which airlines and hotels will be able to customize experiences to engage their most valuable patrons and drive repeat business.
A Breach of Data is a Breach of Brand Loyalty and Trust
The study showed that any breach of loyalty data would have a significant impact on the brand involved. Nearly one-quarter (23 percent) of survey respondents said that should such a breach occur, they would be less likely to use the company responsible, and 15 percent said they would be a lot less likely to do so.
“Frequent travelers are often the most valuable customer segment for hotels and airlines,” Carrington said. “Companies that can persuade these customers to share detailed information about their interests, hobbies, and preferences will create a highly valuable and continuous cycle: the more information they gather, the more they will be able to personalize the travel experience, and the tighter their bond with customers. But if they fail to live up to their custodial responsibility to secure customer information, that bond can be shattered in an instant.”
Educating and Engaging the Customer
The study revealed that the lack of confidence consumers have in the security of their frequent traveler accounts is not leading them to be more vigilant in their security practices. Only 21 percent of survey respondents change their passwords at least once per quarter, and more than half (53 percent) use the same password for other accounts.
Additionally, 41 percent of consumers indicated that they had little or no knowledge at all about travel companies’ privacy and security policies of their frequent traveler programs.
These findings present an opportunity for travel companies to educate and engage their customers, communicating with them more openly, making them aware of enhancements to privacy and security measures, and explaining how their data will be used and how it will benefit them. Ideas to improve traveler trust may include rewarding points to customers who regularly change their passwords, offering cyber security monitoring services, or offering reminders or links to change passwords.