By Robert McGarvey

If you haven’t been a victim in a hotel data breach, count yourself lucky. Latest to join the parade s Intercontinental Hotels Group which has confirmed a breach involving some 12 hotels.

The hotels are here.

What’s maddening is that the rash of hotel data breaches in recent months all have the same characteristics.  The attack is on, not the front desk and its computer systems, but point of sale terminals in shops and, especially, bars and restaurants.

Said IHG in its statement: “Findings show that malware was installed on servers that processed payment cards used at restaurants and bars of 12 IHG managed properties.  Cards used at the front desk of these properties were not affected.  The malware searched for track data (cardholder name, card number, expiration date, and internal verification code) read from the magnetic stripe of a payment card as it was being routed through the affected server.”

Really, it’s time for travelers to protect themselves. Quite plainly we cannot depend upon hotel operators.

Trump Hotels were hit with a couple of breaches.  So was Hilton.  

Starwood, Marriott, Mandarin Oriental and Hard Rock all belong on the victims list.  

Trade publication Hotel News Now charts the many instances of hotel data breaches here.  Its count showed seven in 2015 alone.

Tech company Rippleshot offers a more recent count.

Yet another round up comes from Business Insider.

If you have stayed in any US hotel in the past couple years and especially if you have used credit cards in the restaurants, minutely check your credit card bills.  Very probably you will see charges that aren’t yours because crooks steal credit card numbers in order to put them to use.

Here’s the deal: it has become unwise to use a credit card at a hotel bar, restaurant or shop.  Pay in cash and – loudly – insist that they begin accepting Apple and Android Pay now. Immediately.  That’s because mobile payments, architecturally, are safer than mag stripe transactions and the card number, expiration date, etc – the data sought by thieves – is opaque. What movies through the system are tokens, essentially stand-ins, for the valuable card data.

That’s worthless to a crook.

Hotels also could up guest protection by turning on EMV – chip cards – because, by now, just about all the cards in your wallet are chip and that is a big step up from mag stripe cards.

But I don’t recall ever seeing chip terminals in a hotel shop or restaurant. No surprise. Hotel News Now has reported on the “lag” in adoption of chip ready terminals at hotels.  

What baffles me is why – when there have been so many hotel data breaches – the management companies have not made a full court press to up security at the vulnerable terminals.  There really is no good explanation. Note to hoteliers reading this: Use the comments field to explain why the industry has done such a wretched job handling these threats. Anonymity is possible.

The only explanation that makes sense to me is that hotel operators just have not wanted to invest in security upgrades.  The breaches won’t stop until they do, however, which means no end is in sight.

Which also means it’s up to us to yell loudly about these breaches and also to stop using cards at vulnerable facilities – and tell the staff what you are doing and why.

If you find you must use plastic at a hotel restaurant or shop, just don’t think about using a debit card. Your protections are much weaker than with credit cards – and the amounts debited will come right out of your checking account. It can take days – sometimes weeks – to get those charges reversed.  Leave debit cards in your pocket whenever you in a hotel.  

Bottmline: assume your safety and security are yours to protect whenever you are at a hotel. That includes physical security – and in-room safety cannot be assumed. It definitely means being guarded about the uses to which you put hotel WiFi. But, sadly, it now also means staying wary about using plastic at hotels.  

I just don’t see any deep commitment on the part of the industry to ending theft of credit card data from point of sale systems – and that may mean that whenever you use a credit card at a hotel you may be passing along your data to a crook too.

 

Bankers vs Credit Unions: The Field of Membership Face-off – The Credit Union Forum http://bit.ly/2lnVxXJ My reporting

 

By Robert McGarvey

Nobody knows how much food is wasted at business meetings, conferences and conventions. The fast answer is a lot.  Tons and tons. Some experts guess that at least half the food at a typical conference is wasted and that means tossed out and headed to the landfill.  That’s all the sadder when the estimate is that one in eight American struggles to put adequate food on the table.  

The good news is that there now are first, tentative steps to address  food waste at conferences in particular.  That is good. There also are steps you can personally take. That is better.

But first understand the enormity of the hunger problem,. Eight million Baby Boomers are hungry right now.  On any day, maybe 50 million of us are hungry.  

How much food – really – could be harvested at a conference?  One three day conference at the Rio in Las Vegas recently produced 7135 pounds of rescued food.  That’s three and one-half tons. From just one conference. Hotel Management reported that the food “varied from hot plates of chicken and beef to salads, cheeses, bread rolls and vegetables.”

What’s exciting is that Caesars Entertainment, which operates the Rio, has said it will roll out the food rescue program to its other Las Vegas properties (which include Caesars Palace, Harrah’s, Paris Las Vegas and more) during 2017.

Caesars is not alone.  Loews Hotels also has an initiative.  

In New York, City Harvest itemizes these hotels as donors:  St. Regis Hotel | Crowne Plaza Manhattan | The New Yorker Hotel | Hotel Gansevoort | Millennium Broadway Hotel | New York Marriott East Side | Intercontinental Hotel New York Barclay | Hilton New York & Tower | Intercontinental Hotel | Roosevelt Hotel | Marriot Marquis.  In at least some cases, this may involve surplus food from meetings

But here’s the blunt reality: most meetings venues do not have a program to rescue food.

Meetings have to be a prime target because as any meeting attendee knows most venues pride themselves on always presenting full tables groaning with a bounty of morning bagels and rolls, at lunch even empty places get full plates, and at snacks there are more cookies than anyone should want.

All that is food that may well be discarded.

But much of it can be reclaimed.

There are rules about this. City Harvest, for instance, told me that it will not pick up food that has been plated and put on a table.  

That makes sense and so City Harvest suggests that caterers put out less food – leaving more food in the category that City Harvest will in fact pick up.

Know that this food is generally high quality. A recent conference at Harvard Law – on food rescue – served some 1000 meals to attendees where most of the grub was rescued.  

At the World Economic Forum in Davos, many hundreds of plates of salvaged food were served – with no grumbles.

There are steps you can personally take.  For instance, if you know you won’t be eating the lunch, tell the organizer and ask that the food be donated to a local food bank.

While you are doing that, ask more broadly how the venue handles food surplus – and point out that in most meetings towns there are busy food banks that will happily pick up the extras.

Ask pointed questions. What happens to the bagels and strawberries that don’t get eaten in the morning?  What happens to the many dozens of plated lunches that never get put on tables?  

All this is food that can fill hungry bellies.

The venue says it doesn’t know how to safely recycle its unwanted food? Here’s a city by city guide to organizations that get the job done.

Note: this movement already is lot bigger than you might think. In Phoenix, for instance, Waste Not collects some 6000 pounds of unwanted food at events daily – and that fills thousands of bellies.

Incidentally, in Arizona – and many other states – there’s a Good Samaritan law (passed in 1989) that offers protections against litigation to donors of perishables.  That’s important to know. Some would-be donors say fear of suits stifles their impulse to give but very probably the fears are unfounded.

It really comes down to us: if we pressure venues to rescue and recycle surplus food at meetings most will find a way.  

And that is a big step towards ending hunger, especially in big meetings towns such as Las Vegas and Orlando.  

 

 

By Robert McGarvey

 

The headline in a recent issue of Credit Union Times made my heart smile: “Credit Union Comes to the Aid of CFPB.”  

The fact that this is news is disturbing but it also is fact that it is news because – generally – what I hear from credit union leaders is a deep seated hostility towards the Consumer Financial Protection Bureau and I just don’t get it.

That’s why when Self-Help Credit Union joined with the Center for Responsible Lending to offer support to CFPB in court actions that indeed is news.  

As for the CFPB hostility, it is thick. CUNA for instance has slammed CFPB and, per CuTimes, in the Trump era, it has “painted a target on it.”

The puzzlement is that the only credit union that has been slapped hard by CFPB is Navy Federal, the nation’s largest, which in late 2016 signed a consent decree admitting some unsavory debt collection practices.  Navy was ordered to pay $23 million to affected members as well as a $5.5 million penalty.  

Navy, earlier, had had figured in CFPB reporting over complaints filed against it.  The only other credit unions that rated a mention were PenFed, State Employees’ and BECU and, well, when only four credit unions warrant notice by a regulator this hardly seems a crisis to me.

Besides, CFPB mainly spends its time pursuing very big banks and also sleazy law firms, mortgage lenders and such like. Here’s the list of recent enforcement actions.  What’s not to like in it?

Why were credit unions formed in the first instance? Because banks largely ignored the financial needs of working Americans and often, too, they ripped them off as opportunity arose. So the bold and noble idea took hold that the cooperative framework could be harnessed to enable workers to lend to workers and to offer kindness wherever possible.

In the height of the mortgage crisis I recall conversations with numerous credit union CEOs who told me they were working hard to never foreclose on a mortgage, to find smart ways to restructure members’ loan agreements, to do what could be done – legally -to help people stay in their homes.

And they meant what they said.

Bankers, meantime,issued statements assuring shareholders that their interests were protected.

It’s a wholly different world, credit unions versus banks.

CFPB of course has a $10 billion size threshold before it exercises direct supervision – and that is about five credit unions.  Out of roughly 5900.  That means about 5900 have no direct relationship with CFPB.  

Credit union operations experts tell me that – as Marvin Umholtz elaborated – “nearly all of CFPB’s rulemakings affect CUs of all sizes.”

I’m sure that’s true and I am also sure many credit union executives – most – resent yet more layers of federal supervision and mandatory compliance steps.

I don’t blame them.  

But here’s the deal: CFPB is in the business of doing what credit unions also are supposed to do. Watch out for and help protect Americans who need help in navigating the financial services universe.

The other day the New York Times ran an editorial, “Hands Off the Consumer Finance Bureau.”  

The Times, in the piece, said that Republicans in Congress want to fire Cordray, the CFPB chief, and weaken the agency.  That would be a mistake, said the Times: “The consumer bureau is the only federal agency with the sole mission of looking out for the interests of ordinary Americans in their dealings with banks and other lenders.”

The Times added; “Mr. Trump would do well to let Mr. Cordray finish his term. After all, he has done a very good job protecting ordinary people from the powerful elites Mr. Trump spent much of his campaign raging against.”

These are thoughts credit union leaders need to mull. It is easy to rail against CFPB and regulation. But what if CFPB’s chief enemies are also the enemies of credit unions and many of their members?
What if….

By Robert McGarvey

 

The next trip I take overseas I will use my Irish passport and I probably will also try to polish my Irish accent.  I am feeling ever less safe as an American and that is because even my friends who are living abroad are heaping calumny on US citizens, mainly because of actions taken by President Trump, notably his ban for 90 days on citizens from seven predominantly Muslim countries from entering the US.  

Trump also called a halt to all refugee admissions for 120 days.  Syrian refugees are barred indefinitely.

You know about this. Who doesn’t? Protests erupted at many US airports and also airports abroad.  

One survey says that fewer than 30% of Americans support the ban and that should be unsurprising because there isn’t much to like about it.

And now things are different today, I believe, for American travelers abroad.

For years I have heard mockery of US presidents abroad – George W Bush was a favorite target in London pubs, for instance, but I have to say I heard plenty of laughter about Bill Clinton in Munich coffee shops.

Now I am not hearing laughter. I am hearing anger. Despair. Something bordering on hatred. A view of the US as a bully nation.

I can’t argue with those feelings and even though I am an American citizen, I will be leaving that credential at home for the foreseeable future.

I am waiting until the US’s international reputation is on the mend.

I am all for making the US safer but I see absolutely no gain to be had in banning all admissions from Iran, Iraq, Libya, Somalia, Sudan, Syria and Yemen.  15 of the 19 hijackers involved in 911 were Saudis. Saudi Arabia is not on this list.

Neither is Pakistan.

But – really – the whole idea of a total ban on certain countries makes no sense,  Just as a freeze on refugee admissions makes no sense. This reminds me of something I did 40 years ago when I lived in a cockroach infested Washington DC apartment and one night, in an angry despair as I watched yet another roach scamper across the wall, I flung the beer bottle that happened to be in hand at the creature.

The bottle broke. The mess – glass, beer – was substantial.  Of course I missed the roach.  

I see this Trump executive order as a moment where the beer bottle flies at the roach and misses it.

We are left to clean up the mess.

What I really don’t get is why Trump did not command extensive use of big data analytics to thoroughly vet incoming passengers. As far back as 2008, experts talked about the clear benefits in homeland security that can result from data mining.

Does this involve a violation of privacy? It doesn’t have to.  The public web is full of information – about me, you, most everybody we know.  Will this information help pinpoint who should be singled out for intensive vetting? You bet it could.

And it can happen in real time. Intelligently. With minimal – maybe no – disruption to most travelers.

With air travel, the US government knows who is flying in from abroad and what their passport/visa status is. That’s plenty of information to initiate a vetting of public web data and how hard is it to write a program that flags some people – a small number – for detailed interviews on arrival?

Then tap into a few non public databases – Interpol, the FBI, etc.

Only a handful of people will be inconvenienced in this search and, in most cases, there will be a prima facie good reason for it.

There’s no need to discriminate against whole countries and people.

And maybe even the people who are singled out will accept it.

I know, maybe 10 years ago, I was pulled out of an arrivals line in Puerto Vallarta and taken into an office for questioning.  As best I could figure out (my knowledge of Spanish is poor) a records check had unearthed somebody with the same last name who had an outstanding warrant.

Last name.  Not first and last. Not first, last and middle initial.

Just last name,

After five minutes of questions, the police told me to get on my way.

Was I mad? No.  A little puzzled – I’m still puzzled – but it was no big deal.

People will forgive intrusions that have a justification (however slender).

Banning everybody from Iran is just plain dumb.  Maybe even cruel and unusual.  How many enemies will this make the US?

Ditto for banning refugees. That’s dumb and cruel.

And there is absolutely no security benefit to be had.

That’s the deadend of the Trump executive order.  It inconveniences hundreds of thousands but it benefits nobody and this “self-inflicted wound” just may bring us a bumper crop of enemies.

And for those of us who travel overseas, be ready for a bucket of anti American slop to be poured on you, pretty much wherever you go,

Me, I will travel on my Irish passport and sidestep the slop.

 

How to Save Thousands of Small Credit Unions – The #CreditUnion Forum http://bit.ly/2kHNKUi my reporting

Here’s how to protect your ATMs against new malware – CUInsight http://bit.ly/2ko0She

6 tips for beating the digital banking bogeyman – CUInsight http://bit.ly/2kHIQH6 My advice for #creditunion execs

By Robert McGarvey

More reports trickle in about employers that are requiring employees to purchase the so-called basic economy, barebones airfares that usually mean a middle seat, no overhead bin storage, and still less.  Word of advice: just say no.  Push back against that employer want and, honestly, it just is bad for business anyway.

I can’t see business travelers voluntarily opting for basic economy – right now I see the push coming from corporate bean counters and they know they won the fight to herd most of us into coach.

When I fly, it almost always is in coach. I don’t see clients that will spring for front of the plane seats and, although I initially grumbled, I have resigned myself to the inevitability of coach.  So did most other business travelers – which is why the bean counters triumphed.

But a line needs to be drawn against basic economy – even if the bean counters are eyeballing this as a new cost-cutting battleground.

Don’t say you can’t win this fight. You can.  Business travelers have won fights before, notably – in most cases – the right to keep rewards miles and spend them on personal travel.  As far back as the 1980s, some organizations tried to seize those miles . In 1990, the New York Times even ran a story headlined, “Most Employers Covet Frequent Flier Bonus Miles.”    

The dust up continues  today.but, frankly, most employers beat a retreat from this demand in the face of strong employee pushback. Acting as one just about all of us fought to keep the miles – and employers heard us.

Solidarity made the difference.

That same resistance can be harnessed to fight back against basic economy. I know many organizations require their people to use the cheapest available fare, or something very close to the cheapest.  That’s fine, in my mind, particularly when the employer tempers the requirement with common sense, mainly rooted in travel time.  It just is dumb to force an employee to buy a one stop flight from EWR to PHX even if the fare is $100 cheaper, possibly as much as one third less.

But that cheap flight also often is two or three hours longer.

It’s bad business to require business travelers to book flights with stops because they are cheaper.

It’s also bad business to require business travelers to fly basic economy.

I’m not the only naysayer. JoeSentMe.com business travel blogger Joe Brancatelli recently said: “Basic Economy is not a new, cheaper fare that the three remaining legacy carriers have introduced. All they’re doing is taking their existing cheapest fare in a market, stripping out functionality and rebranding it.

You’re not saving any money if you buy Basic Economy. You’re just getting less than ever.”

Brancatelli is right.

Although the big carriers basic economy fares differ in nuances – Delta for instance allows an overhead bag, United doesn’t; American also bans overhead bin use, except for elites and holders of some AA credit cards – the bottomline is that there is no advance seat selection.

And you can’t upgrade seats, even with reward miles.

To me, what that does is eliminate the possibility of doing inflight work and – pretty much always – I work inflight.  I often use the time to write a blog, I frequently catch up on business reading, and I may, if I have splurged on WiFi, do email.  But comfortably doing such tasks requires – in my mind – an aisle seat,

I can’t imagine working from a middle seat.

I also can’t imagine not getting access to the overhead bin because it has been some years since I checked a bag and doing that adds maybe 30 minutes to a trip, time typically spent at a baggage carousel. Those are minutes I do not need to lose.

There also will be a bag check fee for many passengers and that naturally eats away at the savings that basic economy is supposed to deliver.

Tickets typically cannot be changed either and, for a business traveler, that may be a deal killer. Of course I have grumbled about change fees – who hasn’t, aside from Southwest passengers? But these basic economy fares often allow no change. Period.

There are more take-aways involved with basic economy. Some carriers – United for instance – don’t allow basic economy flights to count towards elite status.  American counts Basic Economy flights towards elite status, but elite qualifying miles are earned “at a reduced rate of 0.5 per mile/flight segment flown.”

For me, the elite status issues are no big deal – I have sworn off status for 2017 – but for many others this will be another deal killer.  

Add up the plusses – supposedly a cheaper fare – and the negatives and obviously the carriers have stacked basic economy to appeal no to business travelers but to leisure travelers who are determined to pay the least possible to fly.  

Just say no if orders come down to book basic economy to save the company a tiny amount of money money.  

And urge other business travelers to do likewise.

We have nothing to lose but the middle seats.

 

by Robert McGarvey

 

The question gets louder in my head: Are we finally at the end of the era of mass business travel?

Of course you are skeptical.  Who isn’t? We have heard that business travel was nearing its demise for years, certainly since September 11, 2001 and, really, it started earlier, probably around the birth of the commercialized web in 1996.

It did not happen. Not in 1996. Not in 2001.  Not in the Great Recession of 2008.

And, yes, I know industry execs are forecasting a 2017 uptick in business travel.  What else did you expect?

What I see however is that, little by little, business travel has lost favor – with corporate budget mavens, with business travelers themselves, with their families.

This is a multi-pronged attack.  That’s why I am beginning to think that in fact we may be in the last years of business travel as something we all do often because that’s the way of the work world.

Certainly that’s what I believed when I was sent off on my first business trips decades ago.  I did not question that it had to be done.  I did not know anyone who did.

We packed our bags – for some years I kept a permanent packed and ready to go carryon – and when the boss or a client yelled, off we went.

That obedience is weakening.

Partly it’s because, technologies have emerged that have made some kinds of business travel pointless. If you are of a certain age you probably recall spending two or three days in a meeting room where you – along with maybe 50 or 100 others – learned how to use Microsoft Excel, or maybe Word.  Possibly if you are even older it was WordPerfect or Lotus 123.

Two problems with those classes: they were fantastically expensive in terms of travel costs (hotel, air, meals) and just about everybody who ever took one wondered why he/she could not have done this at home, with video via the Web or maybe even a videotape.  Even in 1990 you had to think that.

Scratch that kind of travel entirely in 2017.

But watch as more kinds of travel also vanish.  That’s the thing: whole classes of travel are getting crossed off the to-do lists.

For instance: staff meetings nowadays too are usually done via videoconference with perhaps a once yearly in-person get together.

Expect still others to vanish.

John Custer, a vice president at ComplianceBridge.com, sighed: “I don’t think we have hit the end of business travel yet but new technologies coupled with tech-savvy younger buyers (consumers) are driving a lot of travel out of the equation.”

Custer’s right about technology. Technologies that connect us – often via smartphones – have multiplied. From Skype to Facetime to Whatsapp, there has been an avalanche of tools that let people connect, in real time and, if they wish, with audio and video.

Are they the same as being there? Obviously not.  But they just may be good enough.

Time for a loud, protesting interruption. Sales reps will insist there’s no closing new business without a face to face.

Do you believe that? In 2017?

Let me ask you this: would you believe an Internet company in Seattle would trample over countless retailers, established department store titans included, and would even triumph in the holiday gifting season?

Many used to say Amazon could sell books, music, but clothing, forget about it. Never shoes.  Not gifts, either.

And now Macy’s is closing more and more stores, as Amazon devours ever more retail categories.

The point: we are in an age where massive, wrenching paradigm changes are altering the realities we have known.  From broadcast networks to wireline phone companies, established ways of  doing things are turning to dust.

Is business travel on the endangered list?

Many experts will say that maybe domestic business travel will vanish – but trips overseas will still be needed to conclude deals in Munich or Beijing or Mumbai or Santiago.

But for how much longer?

Right now concluding a significant deal with an Indian company probably does require a trip to the subcontinent.  Will it in 2027?

I just don’t think so and, again, it will be time and money both that lead to a sharp reduction in business travel.

But the elephant in this room is the travel generational shift. More than technology, more than money, it is what I think is now rewriting the old rules about business travel and its necessity.  

The travel burden is moving from Boomers primarily to Millennials and everything I am hearing is that the Millennial generation is exceptionally unenthusiastic about business travel.  Many say it has a negative impact on their family life. Add in the reality that they grew up with technology – and deeply understand how it allows connections — and you have to begin to wonder how long the world of business travel will remain unchallenged.

My prediction is that everytime a Boomer retires (10,000 turn 65 daily) and a Millennial is given the job, there will be less business travel.

Nope, it won’t go away.  But Millennials – unlike Boomers – are and will challenge the belief that business without travel can’t happen.

Because they are right.  It can. It will.

And we have nothing to lose but our carryon bags!