SITA Achieves Compliance to PCI Security Standards for Aiport Passenger Processing System

IT solution specialist SITA, has achieved Payment Card Industry Data Security Standard (PCI DSS) certification as a service provider of its common-use platform AirportConnect Open.

This confirms SITA as the world’s first, and only, service provider of a common-use passenger processing system and managed services, to be listed as capable of meeting the global security requirements of the payment card industry.

PCI DSS is the security standard developed by American Express, Discover Financial Services, JCB International, MasterCard Worldwide, and Visa Inc. to provide fraud protection to their cardholders. Any organization that processes, stores or transmits cardholder data is required to comply with these security standards. To achieve compliance, a service provider must go through a thorough annual assessment.

Ilya Gutlin, SITA Vice-President for Airport Services, said, “SITA is meeting the increasing requirements of the air transport community as it brings common-use passenger processing environments to a more efficient and secure level. It is another milestone in our long history of community leadership as we continue to partner with airports and airlines to meet the evolving needs for common-use systems. SITA is now the first, and only, service provider to receive certification to the PCI DSS for a common-use platform, and be recognized by Visa as a PCI Compliant Service Provider.”

Airlines are offering more and more services that require payment from passengers at the airport including baggage fees, same-day upgrades, priority seating and lounge access. Wherever a card is swiped – at an agent’s desk or at a self-service kiosk – they must ensure that this action is in line with the payment card industry’s security standards and that their system suppliers are PCI Compliant.

“Airports are ultimately responsible for their annual PCI compliance assessment across all areas and so they will need to add PCI compliancy as a required specification for all future system installations. But knowing part of the environment, namely their passenger processing provided and managed by SITA, is already compliant will make the airport's PCI assessment easier,” Gutlin added.

Aleks Popovich, Senior Vice President of Industry Distribution and Financial Services at IATA, said, “IATA is working closely with its member airlines to support PCI DSS compliance in industry distribution channels, such as the Billing and Settlement Plan (BSP) and other shared infrastructure.

“Compliance to PCI DSS is mandated by the international card payment schemes but it is also sound business practice. It protects clients, avoids card fraud, and lowers the risk of fines and fees.”

SITA’s AirportConnect Open is used by more than 300 airlines to process millions of passengers every day in more than 400 airports around the world. The company is now the only service provider of a fully-integrated common-use platform and managed services, supporting workstations and CUSS kiosk applications that is compliant with the latest security standard PCI DSS Version 2.0. 

See other recent news regarding: Airlines, Airports, Awards, Flights, Codeshare, FFP, Inflight, Lounges, First Class, Business Class, MICE, GDS, Rewards, Miles, Hotels, Apartments, Promotions, Spas, Yoga, Retreat, New Hotels, Traffic, Visitor Arrivals, Cruises, Free Deals, Interviews, Videos, Tickets, SITA