Data Breaches Target Hospitality Industry – What Can be Done?

The Hospitality Industry has been and will continue to be a target of data breaches. Business owners need to assess the risk a data breach will have on their business. As you will see below, Clarity EPS, powered by CardConnect, offers a patented solution for tokenization and encryption combined with Point-to-Point Encryption.

New Verizon Report Sheds Light on Hospitality-Industry Data Breaches

In today’s highly technological world, data breaches are becoming more commonplace. The theft of personal data and how that data will be used is a very real and worrisome concern.  Too often we hear about the data breach of a large company and how that breach of personal information has left thousands or even millions of customers vulnerable. One need not look further than the recent breaches of Chipotle, Saks Fifth Avenue, Kmart and Gmail, to name a few.

Data breaches can result in significant monetary fines to a business, as well as reputation and brand damage in the event policies are violated or a breach occurs. But data breaches are not limited to large, well-known companies. Any business that accepts credit cards from customers is vulnerable to a data breach if proper safeguards are not put in place to keep customer information secure. In short, consumers are at the mercy of businesses to secure and protect their cardholder and personal information.

There are two ways in which cardholder data can be stolen, either (1) from the magnetic strip on the back of the card or (2) via a data breach. A few years ago EMV was introduced in the United States to help protect against the theft of cardholder data from the magnetic strip of credit cards. This is why all of our banks are converting our credit cards over to chip cards. Doing so protects chip card holders against thieves using devices like “skimmers” at gas stations that lift personal information off of the magnetic strip on a credit card. What EMV does not protect against, however, is a data breach as cardholder data still exists in the system.

Fortunately, the more advanced payment service providers in the marketplace, such as Clarity EPS, offer technology to business owners that can render stolen data useless. This technology, known as Point-2-Point encryption and tokenization, provide an advanced level of security that keeps customer information safe.

Point-2-Point encryption secures a credit card transaction at the point of interaction so that at no point in the transactional process does cardholder data exist. Therefore, it does not matter if the credit card is swiped, dipped or even manually entered. Consequently, in the event a hacker was to infiltrate a business, they would find themselves in possession of useless information.

Tokenization, on the other hand, is the preferred security solution for online/e-commerce transactions. During the processing of an online transaction, sensitive cardholder information is substituted with non-sensitive equivalents or tokens. As a result, tokenization results in an irreversible mathematical process, rendering the information useless to a hacker if they were to break into a system. Clarity EPS, through its partner CardConnect, offers the only solution that is patented.

All too often businesses fail to appreciate the risks when they accept payment by credit card without having the proper safeguards in place. At Clarity EPS we understand the value and role security needs to play in protecting sensitive cardholder data. For that reason, we offer both Point-2-Point encryption and a patented Tokenization solution. As the hackers become more prevalent and sophisticated, so too must the retail establishments that swipe, dip or manually enter transactions and businesses that accept payment over the phone, through the mail or via their website.

Easing the PCI Compliance Burden

An added value of our PCI-Validated Point-to-Point Encryption (P2PE) for both retail (card present) and mail order/telephone order (card not present) transactions is easing the burden of PCI Compliance. To further explain, our P2PE solution removes cardholder data from the transaction cycle at the point of contact, replacing the card number with an encrypted token. Therefore, no cardholder data exists on a business’s system. In the event a breach occurs, hackers will come away very disappointed that they have no access to valuable cardholder data.

At Clarity EPS we understand the complexity of the PCI questionnaires (SAQ), the time it takes to complete the questionnaire, and the frustration it can cause. A huge benefit of implementing our Point-to-Point Encryption solution is that we reduce the SAQ to only 26 questions, creating efficiencies in processing.

About Clarity EPS

Clarity EPS is a leading provider of payment processing and technology solutions, working with businesses of all sizes helping them process payments in a more efficient, secure and affordable manner. We assist businesses in eliminating the guesswork regarding payment processing and provide clear, concise and understandable solutions. Our core values are rooted in honesty, fairness and transparency.

Please visit for more information on our offerings.

Contact: (561) 338-4446 | | Twitter: @clarityeps