Hotel Kiosk Data Security Risks and Solutions | Evoke

Written by Evoke | 21 Apr 2026

Hotel self-service kiosks are being widely adopted by the UK’s hospitality sector, increasingly favoured for their ability to cut down queues, improve operational efficiency, and boost revenue through upgrades and automated services.

 

If you’re considering rolling out self-service kiosks across your hotel group, data security will be one of your central concerns. Kiosks handle a broad range of sensitive information, including payment details, booking information and personal data. As well as the legal compliance requirements, it’s worth remembering that today’s guests are increasingly digitally savvy, and well aware of the value of their data and the dangers associated with its misuse. Strong data protection measures are more important than ever before - in fact, they could even increase customer loyalty to your brand.

 

With that in mind, let’s start by looking at some of the most common security risks for hotel kiosks, before examining the best precautions to take.

 

The top 8 kiosk data security challenges for hotels

 

Kiosk data security can be complex, as kiosks deal with sensitive personal information through an interface that connects directly to hotel systems. This combination of public access, payment processing and system connectivity presents several distinct risks that require a diligent, open-minded approach.

 

The most common data security challenges include:

 

  1. MITM / Man in the Middle attacks
  2. Malware injections
  3. Data sniffing techniques
  4. Session hijacking
  5. Credit card skimmers or keyloggers
  6. Unauthorised hardware via USB ports or external connections
  7. Insider threats
  8. Screen visibility and ‘shoulder-surfing’

 

These can broadly be categorised into digital threats, and more physical ones.

 

4 digital threats to kiosk security

 

 

Digital threats are one of the most significant areas of concern when it comes to kiosk data security. Card details and payment information are generally the priority targets for bad actors, but other types of data breaches can be equally damaging. Take the recent case of Ibis Budget Hotels - a security flaw discovered within its self-service kiosks meant that room codes could be openly accessed through the system interface, potentially allowing attackers unauthorised entry to any affected rooms. (Thankfully, it was quickly resolved!)

 

Some of the biggest digital threats include:

 

1. MITM / Man in the Middle attacks

 

With MITM attacks, a hacker intercepts communication between a kiosk and its connected systems. That enables them to view, capture, or even alter data in transit. The result can involve the theft of customers’ credit card details, using captured information to commit identity theft, or tampering with hotel booking systems.

 

2. Malware injections

 

Malicious software can infiltrate your kiosk systems through compromised networks or insecure connections to other hotel software. Once installed, it can then capture sensitive information or open a gateway into your wider hotel systems.



3. Data sniffing techniques

 

Attackers monitor network traffic moving through hotel systems to identify and capture valuable information, typically payment details or login credentials. It’s more subtle than a man-in-the-middle attack, as it focuses on quietly monitoring network traffic rather than actively altering the communication.



4. Session hijacking

 

A particular concern for public-facing kiosks in busy places like hotel lobbies, session hijacking can occur when a customer accidentally or unknowingly leaves themselves logged into a session. An attacker can then gain control of this session, and use it to access personal or payment information.

 

Session hijacking also neatly illustrates one of the most distinguishing characteristics of kiosk data security, in that it bridges the gap between digital threats and physical ones.

 

4 physical threats to kiosk security

 

In addition to mitigating digital risks, hardware security is going to be another big priority for you and your team. That includes any tampering with the hotel self-service kiosks themselves, attaching unfamiliar devices to them, or even accessing internal components. Without strong physical protections, this can lead to stolen payment data or compromised systems.

 

Potential physical threats include:



1. Credit card skimmers or keyloggers

 

Attackers can install credit card skimmers or hardware keyloggers onto a kiosk to capture sensitive payment information. When a guest taps or inserts their card, or enters their PIN on the keypad or touchscreen, these devices then record the details being entered, opening up the risk of fraud or identity theft.



2. Unauthorised hardware via USB ports or external connections

 

Unsecured USB ports or external connections can allow unauthorised hardware to be connected to your kiosk. Attackers can install devices that extract sensitive data, introduce malware, or otherwise compromise the system.



3. Insider threats

 

Not all bad actors are external. Weak password protocols, shared administrator credentials or outdated access permissions can all create opportunities for internal misuse - potentially enabling unauthorised staff or contractors to view, copy or otherwise misuse sensitive guest information.



4. Screen visibility and ‘shoulder-surfing’

 

Screen visibility is a key consideration because it can open guests up to the risks of ‘shoulder-surfing’, where nearby individuals look over their shoulder to see the screen and capture sensitive details like PINs. It’s an especially prevalent concern in low-surveillance areas like quiet lobbies or ticketing stations.




 

 

 

 

Key security precautions to take

 

Your approach to kiosk data security should be thoroughly considered - you’ll need to undertake a detailed audit for any specific weaknesses or vulnerabilities in your system, and account for them accordingly. It’s worth saying that these may not be strictly limited to the kiosks themselves - addressing them may involve overhauling your company’s entire culture around data security, including staff training and password procedures.

 

If you’re still putting that plan together, here are some of the best steps to start with.

 

4 vital digital security measures to protect customer data

 

1. Encryption and secure payment processing

 

Now widely regarded as a bare minimum when it comes to modern data security, end-to-end encryption ensures that sensitive data like card details or guest information remains unreadable as it travels between your kiosk, your hotel systems and your payment platforms. That minimises the risk from attacks such as MITM, and helps you to maintain compliance with payment processing standards.



2. Network monitoring and intrusion detection

 

Network monitoring tools can give your IT teams full visibility into unusual activity across your systems. They can also analyse traffic patterns and flag any behaviour that may indicate malicious activity or unauthorised access attempts. That gives your team a valuable opportunity to investigate and contain the issue before it potentially spreads to other connected systems.



3. Network segmentation

 

Network segmentation provides an additional layer of protection by separating kiosk systems from the rest of your hotel infrastructure. If a vulnerability appears within a kiosk, segmentation can prevent attackers from gaining direct access to other critical systems.

 

This approach helps limit the reach of any potential breaches, and protects key platforms like property management systems, payment processing services and internal business networks.
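
To show how the monitoring and segmentation measures above work together, here is an added example (not from the original article or any Evoke product) that checks firewall connection records against a kiosk segment policy. The subnet, the two allowed destinations, the log format and the sample records are all assumptions constructed for illustration.

```python
import ipaddress

# Assumed addressing plan (hypothetical): kiosks sit in their own segment and may
# only open TLS connections to the PMS API and the payment gateway.
KIOSK_SEGMENT = ipaddress.ip_network("10.20.30.0/24")
ALLOWED_EGRESS = {
    (ipaddress.ip_address("10.20.40.10"), 443),   # PMS API (assumed)
    (ipaddress.ip_address("192.0.2.25"), 443),    # payment gateway (assumed)
}

# Constructed firewall log, one line per new connection: initiator, target, port, action
SAMPLE_FLOWS = """\
10.20.30.11 10.20.40.10 443 ALLOW
10.20.30.11 192.0.2.25 443 ALLOW
10.20.30.12 10.20.50.7 445 ALLOW
10.20.30.12 10.20.40.10 80 DENY
10.20.60.5 10.20.30.11 3389 ALLOW
"""

def segmentation_findings(log_text):
    """Return (finding, line) pairs for connections that break the kiosk policy."""
    findings = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue                                  # skip blank or malformed lines
        src, dst = ipaddress.ip_address(parts[0]), ipaddress.ip_address(parts[1])
        port, action = int(parts[2]), parts[3]
        if src in KIOSK_SEGMENT and (dst, port) not in ALLOWED_EGRESS:
            # Off-policy traffic that was allowed means the rule set has a gap;
            # a denied attempt means the kiosk itself is doing something unexpected.
            findings.append(("policy-gap" if action == "ALLOW" else "blocked-attempt", line))
        elif dst in KIOSK_SEGMENT and src not in KIOSK_SEGMENT and action == "ALLOW":
            # Nothing outside the segment should be able to open connections to a kiosk.
            findings.append(("inbound-allowed", line))
    return findings

if __name__ == "__main__":
    for finding, line in segmentation_findings(SAMPLE_FLOWS):
        print(f"{finding:16} {line}")
```

A "policy-gap" finding points at the firewall rules, while a "blocked-attempt" finding points at the kiosk and is the one to investigate on the device itself.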



4. Session management and automatic logout

 

Session management controls how long a user session remains active on the kiosk. Auto-logout features and session timeouts can close inactive sessions automatically, and secure data wiping mechanisms can also remove temporary information stored during the interaction - drastically reducing the risk of session hijacking or data exposure.
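
The session controls described above can be sketched as follows. This is an added example, not code from the original article or from Evoke; the class and method names are hypothetical, and the 45-second idle limit and 300-second maximum lifetime are assumed values.

```python
import secrets
import time

class KioskSession:
    """One guest interaction, closed and wiped on idle or absolute timeout."""

    def __init__(self, idle_limit=45, max_lifetime=300, clock=time.monotonic):
        self.idle_limit, self.max_lifetime, self._clock = idle_limit, max_lifetime, clock
        self.session_id, self._fields, self.audit = None, {}, []

    def begin(self):
        self.end("restart")                 # never inherit a previous guest's state
        self.session_id = secrets.token_urlsafe(32)
        self._started = self._last_input = self._clock()

    def tick(self):  # call from the UI loop; ends the session once a limit has passed
        if self.session_id is None:
            return None
        now, reason = self._clock(), None
        if now - self._last_input >= self.idle_limit:
            reason = "idle-timeout"
        elif now - self._started >= self.max_lifetime:
            reason = "max-lifetime"
        if reason:
            self.end(reason)
        return reason

    def end(self, reason="logout"):
        if self.session_id is None:
            return
        for buf in self._fields.values():
            buf[:] = bytes(len(buf))        # best-effort overwrite before release
        self._fields.clear()
        self.audit.append((reason, self.session_id[:8]))
        self.session_id = None

    def _require_live(self):
        self.tick()
        if self.session_id is None:
            raise PermissionError("no active session")

    def store(self, name, value):
        self._require_live()
        self._fields[name] = bytearray(value.encode())  # mutable, so it can be zeroed
        self._last_input = self._clock()

    def read(self, name):
        self._require_live()
        return self._fields[name].decode()
```

The overwrite only covers the buffers the session holds; the string passed to `store` is immutable in Python and stays in memory until garbage-collected, so card data should never pass through this layer at all.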

 

 

What physical security measures can help protect kiosk hardware?

 

Kiosk placement and visibility

 

The positioning of your hotel self-service kiosks can have a major influence on their overall security. Placing them in visible, well-trafficked areas of the lobby can increase natural supervision from staff and guests, reducing opportunities for tampering. Placing kiosks near reception desks or staffed areas can also make it easier for your team to notice unusual behaviour.



Tamper-resistant housing and enclosure design

 

Durable kiosk enclosures are one of the most effective measures against direct physical interference with the kiosk itself. Tamper-resistant housings and lockable service panels can restrict access to internal components such as card readers, ports and cabling, which helps prevent the installation of skimmers or other unauthorised hardware.



Hardware access control

 

To address the risks associated with outdated permissions and insider threats, it’s a good idea to regularly review access to the kiosk’s internal systems to ensure that it’s restricted to authorised personnel. Role-based access control can allow you to define which staff members can carry out maintenance, updates or configuration changes. That cuts down on the risks of unauthorised staff or contractors using shared or outdated credentials to access, retrieve or alter sensitive data.



Regular inspections and remote monitoring

 

One of the simplest and most reliable ways to ensure that your kiosks haven’t been physically tampered with is to conduct regular inspections. That can help you to identify suspicious changes such as loose panels, unfamiliar attachments or signs of interference with card readers or input devices.

 

It’s an approach that can be neatly complemented by remote monitoring tools, which can provide visibility into kiosk activity and system alerts across multiple locations. Combined with detailed audit logs, this can allow your IT teams to track maintenance access, detect unusual behaviour and quickly investigate any potential security issues.

 

Privacy concerns

 

Beyond the risks from malicious bad actors, you’ll need to give equal weight to the principle of data privacy when it comes to the personal data of your guests. Today’s hotel guests expect transparency around how their information is handled, which means you’ll need to clearly communicate how your systems collect, store and use this data.

 

The law has been gradually evolving to keep up - the most relevant piece of legislation for companies in the UK and Europe is the General Data Protection Regulation, or GDPR.

 

Its main principles can be broadly summarised here:

 

  • Personal data must be collected and processed lawfully, fairly and transparently, with a clear reason for using it.
  • Organisations must collect only the data that is necessary for a specific purpose and must not use it for unrelated purposes.
  • Personal data must be accurate and kept up to date, and incorrect data must be corrected or deleted.
  • Organisations must protect personal data with appropriate security measures to prevent any loss, theft or unauthorised access.
  • Data should be stored only for as long as necessary. After this, it must be securely deleted or anonymised.

 

You can find out more information on the regulation on the government’s official webpage on data protection. If you need more in-depth assistance on how it specifically affects hotel self-service kiosks, you might find it helpful to get in touch with a legal firm that specialises in data protection. Their team should be able to give you some valuable peace of mind on how to handle your guests’ personal data.

 

Exceptional performance with complete peace of mind

 

At Evoke, we design our kiosks with strong security and privacy in mind, whatever their intended environment or application. What’s more, with our concept development and white-glove proof of concept services, we can work closely with your team to address any specific security concerns you have about the rollout of hotel kiosks across your premises.