Deloitte Survey: Where There is Reward for Travel, There is Risk
Only one-third of consumers feel their frequent traveler accounts are secure enough
Three-quarters (75 percent) of frequent travelers expect their loyalty program data to be secured to at least the same standard as a financial institution – but only 33 percent feel their accounts are secure enough, according to a new Deloitte study, "Loyalty data security: Are hospitality and travel companies managing the risks of their rewards programs?"
"Our study indicates a disconnect between travelers' expectations and perceptions about the security of their personal data," said Charles Carrington, partner, Deloitte & Touche LLP in the Travel, Hospitality and Leisure practice and author of the study. "Travelers consider protection of their physical security a basic expectation when they're in a hotel or in the air. This responsibility now extends into the cyber world. Travel companies increasingly request that customers share a detailed level of personal information. These same companies need to roll up their sleeves and move beyond mere policy compliance to ensure that customer data is truly secure. Failure to do so could not only frustrate, even endanger, travelers, but also cause serious reputational damage and revenue loss."
Personal Preferences: Drawing the Line
While rewards programs are often a critical way for airlines and hotels to build customer loyalty, simply offering frequent traveler points is no longer enough. As a result, airlines and hotels are continuously looking for ways to personalize programs and tailor travel experiences. However, the study reveals the low level of trust in these companies' security standards is restricting the amount and type of information travelers are willing to share.
Most consumers (93 percent) are willing to share travel preferences such as seating choices, and nearly three- quarters (74 percent) are comfortable sharing their food and drink preferences. However, many draw the line at sharing more personal information, such as hobbies (32 percent), geolocation (28 percent), and health and fitness records (7 percent).
Despite Millennials typically being more receptive to sharing personal data with companies, the study revealed only a slight increase in the level of trust with loyalty programs – 37 percent will share hobbies, little more than one-third (34 percent) will share geolocation, and just 14 percent are comfortable sharing health and fitness records with loyalty programs. Overall, only 40 percent of Millennials believe their personal information is secure.
This reluctance to provide more personal details could limit the degree to which airlines and hotels will be able to customize experiences to engage their most valuable patrons and drive repeat business.
A Breach of Data is a Breach of Brand Loyalty and Trust
The study showed that any breach of loyalty data would have a significant impact on the brand involved. Nearly one-quarter (23 percent) of survey respondents said that should such a breach occur, they would be less likely to use the company responsible, and 15 percent said they would be a lot less likely to do so.
"Frequent travelers are often the most valuable customer segment for hotels and airlines," continued Carrington. "Companies that can persuade these customers to share detailed information about their interests, hobbies and preferences will create a highly valuable and continuous cycle: the more information they gather, the more they will be able to personalize the travel experience, and the tighter their bond with customers. But if they fail to live up to their custodial responsibility to secure customer information, that bond can be shattered in an instant."
Educating and Engaging the Customer
The study revealed that the lack of confidence consumers have in the security of their frequent traveler accounts is not leading them to be more vigilant in their security practices. Only 21 percent of survey respondents change their passwords at least once per quarter, and more than half (53 percent) use the same password for other accounts.
Additionally, 41 percent of consumers indicated that they had little or no knowledge at all about travel companies' privacy and security policies of their frequent traveler programs.
These findings present an opportunity for travel companies to educate and engage their customers, communicating with them more openly, making them aware of enhancements to privacy and security measures, and explaining how their data will be used and how it will benefit them. Ideas to improve traveler trust may include rewarding points to customers who regularly change their passwords, offering cyber security monitoring services, or offering reminders or links to change passwords.
For additional information or to download a copy of the study, please visit: www.deloitte.com/us/managingrisksrewards
About the Survey
In April 2014, Deloitte conducted a survey of more than 1,000 customers in the United States who stayed at a hotel for at least 26 nights or more in the past 12 months, or flown more than 25,000 miles in the past 12 months, are a member of at least one hotel or airline loyalty program, and were born between 1924 and 1995. The survey uncovered their views on security and privacy practices of frequent traveler plans. The information obtained during the survey was taken "as is" and was not validated or confirmed by Deloitte.
Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee, and its network of member firms, each of which is a legally separate and independent entity. Please see www.deloitte.com/about for a detailed description of the legal structure of Deloitte Touche Tohmatsu Limited and its member firms. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting.