Travel agents face additional bank charges for failing to comply with credit-card security checks, with one agency having to pay a £600 bill.
Banks now require agents to meet the Payment Card Industry Data Security Standard (PCI DSS), an annual check to ensure retailers are adequately protecting customers’ credit-card details from in-store and online fraud.
Peter Goord Travel owner Anthony Goord reports he was charged £600 on transactions through Barclaycard Payment Acceptance after failing to register PCI DSS compliance by a deadline of June 1.
Agents can comply by filling in a security questionnaire or using a qualified security assessor to do it for them.
Goord has since performed a self-certification check to bring his agency in line, and is urging other agents to ensure they comply after discovering fellow members of the Southwest Independent Federation of Travel Agents were unaware of the requirements.
He said: “Agents are being sent letters saying they must comply with these new security checks, but they don’t know what to do. If they are not going to comply with the regulations, they are going to get charged, and many agents can’t afford that.”
A Barclaycard spokesman said the company had been promoting the need for agents to meet PCI DSS requirements since September last year. The charges for non-compliance depended on the individual case, he said.
“We have been communicating with clients to emphasise the importance of card security for some time,” said the spokesman. “The need to secure cardholder information and comply with the PCI DSS requirements will become increasingly important.”
Speaking at the Advantage Conference at the weekend, Inntel Travel business travel manager Simon New said: “We are trying to be PCI compliant, but the trade generally is not. There is going to be more pressure on agents using cards.”