Protect your business and your customers
The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that ALL companies that accepts, stores or transmits card information maintain a secure environment. Essentially any merchant that has a Merchant ID (MID). Your business is required to become PCI DSS compliant by the major card brands (MasterCard Worldwide, Discover Financial Services, American Express, JCB International and Visa Inc.) PCI DSS compliance is designed to protect YOUR business and YOUR customers against payment card theft and fraud. Travelport have partnered with SecurityMetrics a leading provider and innovator in data security and compliance for organizations worldwide. The innovative online wizard tool enables you to achieve PCI DSS compliance as smoothly and effectively as possible at Travelport preferred rates. From US $69.99 with an average cost of US$199.98 depending on your company’s total card sales and number of IP addresses. Since 2000, SecurityMetrics have provided innovative security tools, caring customer support and qualified expertise to enable over 800,000 merchants to achieve PCI DSS compliance.
IATA has mandated that every IATA accredited location that issues Billing & Settlement Plan (BSP) tickets when the form of payment is credit card falls under the PCI DSS compliance obligations.
In their quest to reduce airline fraud, currently estimated costing the industry $1bn annually, IATA have now issued a notice stating any IATA agent that accepts card transactions against its own merchant agreement or issues BSP card transactions falls under the PCI DSS compliance obligations and therefore must be PCI DSS compliant.
This referral program is supported by IATA and Aleks Popovich IATA’s Senior Vice President Financial and Distribution Services, commented: “This type of initiative from our partners is commended and will greatly assist our industry in maintaining PCI DSS compliance at every card payment touch point. It also supports IATA’s rollout of New Generation of IATA Settlement Systems (NewGen ISS) initiative, which represents the most extensive modernisation of IATA’s Billing and Settlement Plan (BSP) since its creation in 1971. I am also pleased that Travelport has agreed to now make this PCI DSS certification tool and referral program available to all IATA BSP agencies globally.”
From 01 March 2018 IATA will monitor compliance, and any failure will result in the issuance of an administrative non-compliance and this can lead to the removal of card as a form of payment, in accordance with Resolution 818g 2.1.18.
All businesses including Non-IATA agents who accept cards under their own merchant agreement need to comply with PCI DSS as well, typically included as a requirement when obtaining their Merchant facility with their bank or other acquirer.
Becoming PCI DSS compliant is not a single event, but an ongoing process. You as a merchant are required to validate your PCI compliance on an annual basis. This includes resubmitting the SAQ and passing the required scans. Although validation is only an annual requirement, you are required and expected to comply with the PCI DSS requirements on a daily basis. This includes monitoring the environment to identify suspicious activity to prevent a data breach.
Our preferred partner SecurityMetrics is a leading provider of merchant data security solutions and will help you understand how to become PCI DSS compliant, offer you multi language support and guide you through the online process so that you can complete the PCI DSS certification process.