FinCom (97 minutes) having “noted the wide-ranging impact of the PCI DSS requirements on airline business processes and the serious consequences of non-compliance for the merchants” approved the establishment of a PCI DSS Work Group.
Objective
The objective of the Work Group is to establish a recommended strategy and high-level action plan to ensure that all IATA member airlines become PCI DSS compliant.
Scope
- Identify where all airlines stand on the issue of and track the progress in achieving PCI DSS compliance.
- Review the BSP process chain from ticket sale to final settlement of payment to airlines.
- Identify areas requiring IATA standard setting to facilitate industry solutions.
- Work with the Payment Card Industry to influence the setting of new Data Security Standards to minimize the disruption of airlines sales and service delivery process.
Size and Composition
The PCI DSS Work Group is made up of five airline representatives. The members are experienced in the technical requirements of the compliance standard and fully understand the BSP process flow and commercial needs of airlines with regards to ticket sales/refunds and settlement.