fraud and data breach
Alexandra Fitzpatrick

Dealing with card data breaches and hackers in the travel industry

November 23, 2017

All too often we hear of data breaches and hackers attacking businesses. Year on year hackers are developing smarter tools to break down firewalls and even sell malware online to other would be hackers.

The travel industry is no exception to this criminal activity. That’s why it’s important that travel agencies are protected as much as possible and that’s where PCI DSS compliance can help. Although going through PCI DSS certification is a learning curve, it will help provide valuable steps to maintain compliance throughout your business.

PCI DSS (Payment Card Industry Data Security Standards) have been designed to protect businesses and their customers from card theft and fraud. PCI DSS is a global security standard that all businesses or service providers that store, process, or transmit payment card data are required to comply with – regardless of business size or the amount of annual payment card transactions. More than checking for vulnerabilities online, PCI DSS is about the process and access to payment data throughout every touch point.

With fraud and hacking costing the industry an estimated $1bn annually and growing, maintaining a set of security standards to combat this criminal activity is critical when dealing with customer payment information.  Indeed, 40% of the industry cite fraud as one of their biggest concerns, rising to 46% for OTAs and other companies that principally sell online[1]. Fighting fraud is laborious and costly exercise, but for a travel company its prevention is better than cure as the consequences of fraud could be disastrous for its business.

Travelport take cyber security very seriously and are continually developing new projects for our customers to also manage fraud and increase card payment authentication. Key to this and our commitment to help our customers’ businesses operate within a compliant environment, is our PCI DSS certification program in partnership with SecurityMetrics.

Together with SecurityMetrics, we have developed an approved PCI Wizard service to help our customers’ businesses achieve PCI DSS certification. Making what is a considered to be a very complex process, as simple, low cost and streamlined as possible. Empowering agency customers to adhere to industry regulations to meet and retain compliance, enabling them to and become a trusted partner to their customers. Especially when it comes to card payments and day to day cybersecurity.

Protecting your business against fraud also protects your customers as well as your reputation. Our customers can start their PCI DSS assessment online at

Further information on Travelport’s PCI DSS Certification Program can be found here:


[1] Phocuswright Payments Unsettled Report, 2013