PCI DSS Compliancy

Are you ready?

With fraud and hacking costing the industry an estimated $1bn annually and growing, maintaining a set of security standards to combat this criminal activity is critical when dealing with customer credit card information. That is why the Payment Card Industry Data Security Standards (PCI DSS) have been developed. In its latest version, a more secure encryption protocol, Transport Layer Security (TLS) 1.2 or higher, will be required in order to meet the PCI DSS compliance obligations from 30 June 2018.

IATA has also issued a resolution stating that any IATA agent that accepts credit card transactions against its own merchant agreement or issues Billing and Settlement Plan (BSP) card transactions will fall under the PCI DSS compliance obligations. It has stated that failure to comply with these by 01 March 2018 will result in the issuance of an administrative non-compliance and could lead to the removal of card as a form of payment for your agency.

Supporting you on your journey towards PCI DSS compliance

We each have responsibilities to ensure compliance with the new PCI DSS standard and IATA resolution. Travelport is serious about data security, so to help facilitate your continued compliance with the new PCI DSS protocol, we will be releasing new versions of Galileo SSL and Travelport Smartpoint (for Travelport Apollo and Galileo users) in early November. You will need to ensure you are using the latest versions of Galileo SSL and Travelport Smartpoint prior to 01 March 2018 to be ready for the new security standards.

Please also be aware that you may need to upgrade the version of your Microsoft Operating System, .NET Framework or Internet Explorer from the one you use currently. Access the appropriate links below to learn more.

Maintaining your compliance

To help you meet the criteria for IATA compliance, Travelport has partnered with SecurityMetrics, a leading provider and innovator in data security, who offer PCI DSS Certification services. As a Travelport customer, you can obtain PCI DSS Certification services at preferential rates via our unique referral program.

For more information on how to ensure that you meet the requirements and deadlines for PCI DSS compliance please read more below.