The IATA (International Air Transport Association) is mandating that all of their members achieve and maintain Payment Card Industry Data Security Standard (PCI DSS) compliance as a condition of obtaining and retaining their IATA accreditation.


PCI DSS is a global data security standard that was created to help businesses process card payments securely and to protect confidential payment card information against theft and fraud. The five card schemes that created the council are American Express, Discover Financial Services, JCB International, Mastercard, and Visa.

IATA demand compliance

IATA has demanded that all accredited travel agents support PCI DSS by March 2018. By complying, travel companies are helping to protect their customer's sensitive card data from fraudsters through better security practices. Those that cannot meet the requirement will risk losing accreditation, customers and credibility within the sector.

Next steps

With IATA demanding compliance, your current process may need amending. Assessing any vulnerabilities and removing potential threats is vital. Adflex can help by providing a secure and robust payment gateway, and travel agents can benefit from enhanced security measures such as tokenization.