Thompsons Travel Blog

3 Things To Know About PCI

8 March, 2018

The Payment Card Industry Data Security Standard (PCI DSS) is a global data security standard to protect confidential payment card information against fraud and theft. Airlines have demanded that the International Air Transport Association (IATA) support their own internal compliance project, which is why IATA Accredited Travel Agents now need to become PCI DSS compliant.

“Payment security should be a priority for any organisation, regardless of their industry,” says Chantal Kliche, Retail Manager of Thompsons Travel, Cape Region. “It is vital for organisations to put their customers’ security first and protect themselves through risk mitigation.”

1. What is PCI DSS?

PCI DSS applies to cardholder data, which includes the number on the card, the cardholder name, service code, and validity dates. Some of this data can be construed as personal information as defined by POPI.

Initially, each card company had its own independent security programme to protect and secure the personal data that it processed and stored. However, with growing concerns around the unauthorised or fraudulent use of cardholder data, the five major card companies formed the PCI DSS Council (the Council) in 2006, which manages and maintains the standard and assists merchants, service providers and other card processors with the safe handling of cardholder information.

2. Does PCI DSS apply to you?

PCI DSS applies globally to all merchants and service providers that process, transmit or store debit or credit card information.

To determine whether you are required to adhere to the PCI DSS, check with your bank which deadlines and penalties apply to you. Then take immediate steps to assess your current compliance status and, if necessary, implement internal policies and procedures to ensure that you meet the requirements.

3. What are the compliance objectives?

The six high-level objectives of PCI DSS compliance are to:

  1. Build and maintain a secure network
  2. Protect cardholder data
  3. Maintain a Vulnerability Management Programme
  4. Implement strong access control measures
  5. Regularly monitor and test networks
  6. Maintain an Information Security Policy

“If you comply with PCI DSS you will more than likely comply with certain conditions of POPI,” says Kliche. “However, it is important to note that PCI only applies to cardholder data, while POPI applies to personal information at large – a much more significant category of information.”

Thompsons Travel is PCI DSS compliant. Please contact your Account Manager for more information on the steps we have taken to safeguard sensitive cardholder data.


© Copyright 2017 Thompsons Travel