A Secure Solution for Sensitive Data | Travel Research Online


A Secure Solution for Sensitive Data

Travel professionals face many challenges in an increasingly virtual world, and generally have done a good job meeting those challenges.  Use of email and the Internet has allowed many consultants to have clients all over the country.  Yet, one that I continually hear about time and time again is how to obtain sensitive client information like credit card details, especially for those clients not located in the same local area as the consultant.

The most common method of handling this issue involves sending the client a form to be completed and mailed or faxed back.  Some consultants have developed the use of a fillable PDF form that can be emailed.  Others rely on a web-based form for non-sensitive information such as name and address, and then call the client for payment details.

 Steve Mencik has developed a solution that results in a better experience for both the client and consultant, as well as improves the security of client information.   His company, JSweb Technology, provides secure form hosting for online transactions.  In basic terms, a form is created on a secure website.  When a client visits the form, they can submit the information and it is stored in a secure database until the consultant accesses it.

Just about any method of transmitting credit card information or other sensitive details involves some security risk.  A fax can be intercepted by someone else, if an office is shared.  Email, as we know it, is not a secure method of communication, even if a PDF form is used to transmit the data. Many people use fax to email services, so a client might think they are secure by sending a fax, when in fact it goes to a service that turns it into an email before sending to the consultant.

Mencik, who has an extensive background in computer security, developed this service in 1999 as a solution to his own business needs.  He has made the service available to business owners with a need to transmit secure client data over the Internet, and does so for a very small cost. 

Mencik develops a form (or modifies a form developed by the consultant) that will request the information needed and hosts it on JSweb’s secure server.   When a client uses the form to provide information, an email is generated to the consultant letting them know new data is avaialbe.  They visit their account and view and download the data, after which it can safely be deleted from the database.  Unlike other services available like PayPal, Mencik’s system is not a merchant account.  It does not process client credit cards, but rather provides a way to transmit data securely between client and consultant without risking exposure. Both the connection used by the client to provide the data and the connection used by the consultant to retrieve the data is protected by SSL.  In addition, the consultant must provide a username and password that they choose during the form setup process. The username and password is protected by the SSL connection. The data provided by the clients is encrypted and stored in a file on the secure server in a place that cannot be directly accessed via the web. That is, there is no URL anyone could enter to get to that file. Each consultant’s form has a separate file. There is no co-mingling of data, and each form also has a unique encryption key.

 Many website providers offer a secure website product, but Mencik believes his service has benefits that make his system a better choice.  “Even with your own secure server, you would need to develop the scripts that would encrypt the information, save it to a file, and also the scripts that allow you to retrieve it securely. If you have the capability of coding those scripts to be functionally equivalent, then you wouldn’t need my service.”  Menick uses this system with his own businesses, including The Vacation Stop, a full service travel agency in Gambrills, Maryland.

Susan Schaefer of Ships N’ Trips Travel is a travel consultant using Mencik’s secure system to collect client credit card payments for vacations and fees.  She discovered this service when she booked Mencik into one of her cruise groups, and she contacted him about payment with her standard authorization forms, asking him to fax them back to her.  “It is easy for me to send the clients to the web form”, Schaefer said.  She reports the service has worked great for her, noting her only downside is the form contents are not importable into her CRM.  “This is easier on clients, not having to download and fill out the form by hand and then scan it into the computer to email it back to me, or find a fax machine to fax it back.  It’s easier on me, and it provides security that is not available with email and fax.”

This is the best method I have found, to date, to solve the issue of collecting sensitive client data while keeping costs low.  JSweb Technology offers this service for a one time set up fee, plus a $5.00 per month cost, with no minimums or maximums on the number of form submissions.  If you are interested in finding out more, view the demo via the link below or contact JSweb Technology at info@jsweb.net.

Secure Form Demo:  https://secure05.servadmin.com/jsweb.net/sf/demoform.html

Steve Cousino, ACC, CTA, LS is a three-year industry veteran.  He holds Lifestyle Specialist designations in Luxury Travel and Gay/Lesbian Travel, and is known for specializing in cruises, Western European tours, group travel, and culinary-themed travel.  He can be reached  through his website at http://www.JourneysBySteve.com.

Share your thoughts on “A Secure Solution for Sensitive Data”

You must be logged in to post a comment.