PCI DSS Compliance

November 2017, Wednesday

Dear Customer,

With fraud and hacking costing the industry an estimated $1bn annually and growing, maintaining a set of security standards to combat this criminal activity is critical when dealing with customer credit card information. That is why the Payment Card Industry Data Security Standards (PCI DSS) have been developed. In its latest version, a more secure encryption protocol, Transport Layer Security (TLS) 1.2 or higher, will be required in order to meet the PCI DSS compliance obligations from 30 June, 2018.

IATA has also issued a resolution stating that any IATA agent that accepts card transactions against its own merchant agreement or issues Billing & Settlement Plan (BSP) card transactions will fall under the PCI DSS compliance obligations. It has stated that failure to comply with these by 01 March, 2018 will result in the issuance of an administrative non-compliance and could lead to the removal of card as a form of payment.

Supporting you on your journey towards PCI DSS compliance

We each have responsibilities to ensure compliance with the new PCI DSS standard and IATA resolution. Travelport is serious about data security, so to facilitate your continued compliance with the new PCI DSS protocol, we will be releasing new versions of Galileo SSL and Travelport Smartpoint in early November. You will need to upgrade to the latest version of Galileo SSL and Travelport Smartpoint prior to 01 March, 2018 to be ready for the new security standards.

Please also be aware that you may need to upgrade the version of your Microsoft Operating System or .NET Framework from the one you use currently.

Maintaining your compliance

To help you meet the criteria for IATA compliance, Travelport has partnered with SecurityMetrics, a leading provider and innovator in data security, who offer PCI DSS Certification services. As a Travelport customer you can obtain PCI DSS Certification services at preferential rates via our unique referral program. 

Are you ready? To find out more about what you need to do, visit: www.travelport.com/pcidsscompliance and also look out for further communications from us as we support your implementation of these critical security measures.

 

Regards,

Travelport Indonesia