m, data security, climate change and crisis management. Ian Taylor reports from Lisbon


‘Data must be secure to create seamless travel’


Trust in data security is key to developing a more seamless experience for travellers, industry leaders have been told.


World Travel & Tourism Council


(WTTC) president and chief executive Gloria Guevara identified seamless travel as a top priority for the sector, telling the WTTC Europe Leaders’ Forum in Lisbon: “Iata forecasts an additional 1.5 billion air passengers in Europe by 2036. Are we going to grow the number of airports 100%? “We need to be more efficient so passengers can walk through an airport and not [have to] show their passport five times.” Kimmo Maki, president and


chief executive of Finnish airport


operator Finavia Corporation, said: “The technology is already there. We need to prove it is safe and secure. We piloted biometric recognition. The challenge is how to handle this private data and provide trust for passengers that this data is secure.” Portuguese MEP Claudia


Monteiro de Aguiar agreed, saying: “We’re dealing with SMEs that have a big challenge to maintain security on this data. We also have to change some mindsets. The technology is there, but there are people not so open-minded to implement it.” Bento Correia, chairman of biometric technology company Vision Box, told the forum: “It’s possible to achieve seamless


GUEVARA: ‘Passengers shouldn’t have to show passport five times’


travel, but it is not easy. A lot of stakeholders have to participate. Just working with governments is not enough. We work with governments, airlines, airports, security companies.” Miguel Frasquilho, chairman


of TAP Air Portugal, said: “The stakeholders have been doing things separately.” He added: “The current solutions


are designed around people having a digital ID. But 1.5 billion people in the world don’t have a digital ID. Maybe this needs to be reassessed.”


COMMENT: British Airways is in trouble


By Ian Taylor, executive editor, Travel Weekly


The data-security breach that saw British Airways lose the bank details of 380,000 customers between August 21 and September 5 “might be the worst financial data breach of all time”, according to at least one cybersecurity expert. BA gave public notice of


the breach on September 6 so it complied with the EU General Data Protection Regulation (GDPR) requirement to give notice within 72 hours. Unfortunately, that is about all the airline appears to have got right.


The carrier did not just lose


customers’ personal details and credit card numbers, it lost the CVV security codes designed to protect against online fraud. Merchants are not supposed to


retain these. Payment card industry safety standards prohibit it. BA insists it did not store the


codes. In which case, they must have been scraped as customers keyed them in or intercepted as they were sent for authorisation. Tech security firm RiskIQ claimed


to have identified the attacker as a credit-card skimming group that rewrote code on BA’s site. BA declined to comment. Another security researcher


suggested responsibility lay in a vulnerability on BA’s web server. Banks had to issue hundreds of thousands of replacement cards. The head of a major UK travel company had to cancel four credit cards and on September 13 said he had still not heard from BA. Several banks cancelled all


cards used on the BA site and app without waiting to hear from BA. But Santander noted that replacing the cards “mitigates this risk [of fraud], it does not eliminate it”. In an email to customers,


BA chief executive Alex Cruz promised compensation to those who “suffered financial losses”. But the UK Information


Commissioner’s Office (ICO) said it will consider not just financial losses but “the extent of any exposure to physical, financial or psychological harm”. The ICO has the power to impose a fine of up to 4% of global turnover – £500 million in this case. Multiple lawsuits and class actions appear certain. The banks are also sure to seek recompense. Beyond BA, the


breach raises wider questions about the rush to digitise and connect every aspect of air travel.


Dealing with crises and climate change are WTTC priorities


World Travel & Tourism Council (WTTC) president and chief executive Gloria Guevara identified ‘crisis preparedness’ and action on climate change as priorities alongside the development of ‘seamless travel’. She hailed 2017 as the


seventh consecutive year of growth in travel’s contribution to the global economy but said: “The challenge is to ensure growth is maintained.” Guevara told the WTTC


Europe Leaders’ Forum: “Crisis preparedness is a priority. When private and public sectors are prepared, recovery is quicker.” Guevara will address Abta’s


Travel Convention in Seville next month on ‘The Growth Challenge’. ■ The Travel Convention 2018, October 8-10, Barceló Convention Centre, Seville: thetravelconvention.com


20 September 2018 travelweekly.co.uk 71


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54  |  Page 55  |  Page 56  |  Page 57  |  Page 58  |  Page 59  |  Page 60  |  Page 61  |  Page 62  |  Page 63  |  Page 64  |  Page 65  |  Page 66  |  Page 67  |  Page 68  |  Page 69  |  Page 70  |  Page 71  |  Page 72  |  Page 73  |  Page 74  |  Page 75  |  Page 76  |  Page 77  |  Page 78  |  Page 79  |  Page 80