TORONTO — Following concerns from the travel agent community, IATA has extended the deadline for agents to comply with the Payment Card Industry (PCI) Data Security Standard (DSS).

Originally scheduled for June 1, 2017, IATA’s Passenger Agency Conference Steering Group (PSG) has announced that it has approved the postponement of PCI DSS compliance until March 2018.

The move comes after ACTA reported serious concerns from its members over the past several weeks. ACTA, through its presence on the Agency Programme Joint Council (APJC), directed its efforts to lobby for greater clarity around PCI Compliance requirements and requested the deadline to be extended.

“We are very pleased and would like to thank IATA for accommodating our request to extend the deadline and remind our members that this is a postponement, not a cancellation. Measures will still need to be taken to ensure that you are compliant before the new deadline of March 2018 vs. June 1, 2017,” said ACTA in an official release.

To help its members fully understand the requirements, ACTA will be hosting a webinar in July as well as offering additional education resources, including an FAQ section on its website.

PCI DSS compliance was introduced to address the risks associated with payment card transactions and potential data breaches. American Express, Discover Financial Services, JCB International, MasterCard and Visa are the founding members of the Payment Card Industry Security Standards Council. It is the Council’s mission to enhance payment card security by fostering broad adoption of the PCI Data Security Standard for merchants and processers handling sensitive payment card information.

All entities that store, process and transmit payment card data are required to adhere to PCI security standards, which are the technical and operational conditions to preserve payment card security.

To learn more about how to become PCI DSS compliant, go to www.iata.org/pci-dss.