Thompsons Travel Blog

3 Things To Know About PCI

8 Mar, 2018

The Payment Card Industry Data Security Standard (PCI DSS) is a global data security standard that protects confidential payment card information against fraud and theft. Airlines have demanded that the International Air Transport Association (IATA) support their own internal compliance project, which is why IATA Accredited Travel Agents now need to become PCI DSS compliant.

“Payment security should be a priority for any organisation, regardless of their industry,” says Chantal Kliche, Retail Manager of Thompsons Travel, Cape Region. “It is vital for organisations to put their customers’ security first and protect themselves through risk mitigation.”

1. What is PCI DSS?

PCI DSS applies to cardholder data, which includes the number on the card, the cardholder name, service code, and validity dates. Some of this data can be construed as personal information as defined by POPI.

Initially, each card company had its own independent security programme to protect and secure the personal data that it processed and stored. However, with growing concerns around the unauthorised or fraudulent use of cardholder data, the five major card companies formed the PCI DSS Council (the Council) in 2006, which manages, maintains and assists merchants, service providers and other card processors with the safe handling of cardholder information.

2. Does PCI DSS apply to you?

PCI DSS applies globally to all merchants and service providers that process, transmit or store debit or credit card information.

To determine whether you are required to adhere to PCI DSS, check with your bank which deadlines and penalties apply to you, take immediate steps to assess your current compliance status and, if necessary, implement internal policies and procedures to ensure that you meet the requirements.

3. What are the compliance objectives?

The six high-level objectives of PCI DSS compliance are to:

  1. Build and maintain a secure network
  2. Protect cardholder data
  3. Maintain a vulnerability management programme
  4. Implement strong access control measures
  5. Regularly monitor and test networks
  6. Maintain an information security policy

“If you comply with PCI DSS you will more than likely comply with certain conditions of POPI,” says Kliche. “However, it is important to note that PCI only applies to cardholder data, while POPI applies to personal information at large – a much more significant category of information.”

Thompsons Travel is PCI DSS compliant. Please contact your Account Manager for more information on the steps we have taken to safeguard sensitive cardholder data.

© Copyright 2017 Thompsons Travel