There is a need to provide background information on The Data Protection Standard for Payment Card Industry Data Security Standard (PCI DSS) and its applicability to the airport environment, to help ensure that airport systems meet this commercial standard.
As airports assume more ownership of systems that accept payment from parking revenues, concession sales, and other services, airports are becoming merchants and/or service providers. As such, it is now incumbent upon airports to implement the same protections and controls that other businesses must implement to protect consumers' private financial information.
A primer is needed by airports to help them understand the data and network protection responsibilities they must assume, when accepting card transactions.
The objective of this research is to develop an analysis of the PCI DSS standard, and determine what airport systems may be affected by the standard. For example, common use systems that may handle airline related transactions; parking revenue systems; point of sale systems; airport museums; and on-line airport sales of goods or parking ticket payments.
This research will result in an introductory guide for airports on their responsibilities associated with the commercial PCI DSS. This will raise awareness for the airport practitioner and identify what types of unique airport systems are affected, the issues to consider and the resources available to aid and fund compliance.
The Research Funding is $25,000 for approximately 6 months to one year for the research period.
The expected pay off is an introductory guide on PCI DSS that would be an essential tool for every airport CEO, CIO or IT Director. This guide will help airports become aware of their PCI DSS compliance responsibilities as merchants and/or service providers.
Status: Results Reseach Digest 11 has been published.