IATA accredited members of the Australian Federation of Travel Agents who use Travelport now have access to preferred rates with Travelport Payment Card Security (PCI) Data Security Standard (DSS) compliance service provider, Security Metrics.
Developed to protect businesses and their customers from credit card theft and fraud, PCI DSS is a global data security standard with which all IATA airline BSP card sales must be compliant effective 1 March.
IATA stresses it’s essential for agencies to not store any cardholder data in systems, card reading terminals and filing systems such as Point of Sale terminals and card readers; an agent’s branch networks & wireless access routers; data storage and transmission; paper-based records or online payment applications and shopping carts.
Cardholder data can be stolen from a compromised card reader, filing cabinet with paper records, data in a payment system database, hidden camera recordings or tapped from an agency’s wireless or wired network.
Should a thief retrieve a credit card Primary Account Number or other sensitive data such as the CID (card identification) number, they are able to impersonate the cardholder, use the card and steal the identity of the person, IATA warns.
AFTA members who are Travelport customers can obtain preferential rates online via an application form. Those members will then be contacted by SecurityMetrics to guide them through the Self-Assessment Questionnaire (SAQ) which reviews how agents handle and process payment cards and the number of transactions processed annually.
The annual price for the SAQ is US$69.99. Other options include SAQ plus one vulnerability scan for US$119.99, or two to five vulnerability scans at US$199.98. An additional five scans are US$99.00.
After submitting initial details, SecurityMetrics will contact AFTA members directly within 24 hours to provide multi-language support.
