Collecting passenger data can help airlines’ customer service and profitability soar, but as Cathay Pacific hack shows it can be a risky strategy
- Airlines are widening scope of data they collect from passengers, ranging from favourite cities and travel patterns to in-flight habits such as use of on-board Wi-fi and shows watched
- But if it goes wrong, they could find themselves managing the fallout of a data breach and scrambling to win back passenger trust
Data has the potential to be valuable cargo to airlines but the cyber hacking crisis that engulfed Cathay Pacific Airways in October has shown there is considerable risk along with reward.
Cathay CEO Rupert Hogg, speaking to the Post when he was second in command at the airline in December 2016, saw data as key to transforming the business and better understanding its customers – and ultimately making money from the information it had taken on board.
“We would love to know [more about our customers, information] that probably sits there and we just don’t know about it,” he said of the airline’s inexperience at making the best use of data.
“Intelligent businesses these days are looking for opportunities to use technology to drive ... real customer insight into the business, and that is something we’ve embarked on,” Hogg said at the time.
“The opportunities to do these things these days are much greater because of technology and the efficiencies and the ability to have much more data to analyse.”
The airline claimed to be able to process the equivalent of 3.5 billion double-sided sheets of paper worth of customer data in an instant.
A short hop to the present and Hogg is managing the fallout from a cyberattack the airline suffered in March, while also trying to win back the trust of millions of customers caught up in the incident. The airline faced heavy criticism for not revealing the hack at the time, instead waiting seven months before going public.
Hackers accessed combinations of information including passengers’ names, nationalities, dates of birth, telephone numbers, email and home addresses, frequent flier programme membership numbers, passport numbers, Hong Kong ID card numbers and expired credit card numbers. Experts concluded that because the data was piecemeal the risk of fraud or theft was low.
For airlines, the information they hold combined with other data is lucrative – a “gold mine” worth US$100 billion, transport analyst Corrine Png estimated last year.
Airlines are in different stages of a race to monetise the information they hold, using individual passenger names, emails, addresses, flights and credit card information to easily determine which flights you would buy and how much you would be willing to pay, airline data analyst Mark Ross-Smith said.
“Airlines are at varying degrees in their data commercialisation journey,” said Ross-Smith, formerly the Enrich Loyalty frequent flier business head of Malaysia Airlines, who worked daily on customer data and trends to generate bigger profit margins for the airline.
“They look at what type of activity you have – bookings, air miles earned – and look for patterns between you and other members.”
Smarter companies knew the riches came with risk, said Andrew Herdman, director general of the regional industry body the Association of Asia Pacific Airlines.
“We talk a lot about ... exploiting big data and providing more customer service but it’s also a reminder that big data is potentially a big liability. You’re sitting on individual pieces of information that collectively represent something valuable. If you get a breach you can lose huge quantities. The questions are what is the real value of the data and how do you secure it.”
Air Canada, British Airways and Delta Air Lines have all suffered data breaches which combined affected about 2 million victims, but Cathay Pacific’s announcement in October that a repeated attack throughout March to May this year was a new low – the largest compromise of airline passenger data yet, with about 9.4 million people affected.
Dr Joe Leader, CEO of the industry group Airline Passenger Experience Association, said while airlines had been on the back foot on the data front, it was being used to make products and services better.
“The problem for airlines has been that the data has not been utilised. Big data that is siloed and under-utilised does not serve passengers well,” he said. “The advances the airlines are taking now are beginning to leverage the data to better serve their customers.”
Cathay Pacific has said its digital feedback forms – where it could identify spikes in passenger comments, typically complaints – enable it to take corrective action quicker.
From traditional data collection to public information, what people post and share on social media was seen as a key area for the airline to tap.
“[The customer] has the opportunity to inform other passengers on social media. So clearly, that customer insight I am talking about and the ability to understand those things is the next step of how we can improve our customer proposition,” Hogg said.
Airlines are widening the scope of data they collect from passengers, ranging from pre-flight – booking information, favourite cities, travel patterns and seat preferences – to in-flight, such as use of the on-board Wi-fi to TV shows and films watched. More e-commerce tactics would be deployed in future as airlines make it easier to order food and drink as well as shop on board, through TV screens.
Giving a snapshot of the airline’s current capabilities and how much it still revolves around guesswork, Cathay Pacific’s general manager of digital Leslie Lu said in a staff magazine last month: “If I see you’re away from Hong Kong in December, I might suspect you are a skier. Let’s send you an offer.”
He explained the airline was starting to make assumptions on travel patterns that might not always yield results. “So I try something else. It’s a trial-and-error mindset,” Lu said.
Lu spoke of the “greater game” being fought out.
“Companies [are] desperate for data but customers are reluctant to give it up, either because they’re too busy, they value their privacy or they’re just not very interested in what you have to offer.”