After the initial profile creation, travel platform users can create and manage Credit Cards via the Profiles - Credit Cards section.
User Access Levels: Traveller (oneself) is recommended to record and manage their own financial related information (data) to maintain PCI-DSS compliance. Furthermore, the following credit card data must never be stored in a profile, even if it were to be encrypted.
Sensitive authentication data (i.e., full magnetic stripe info)
Card Validation Value (CVV) i.e. the 3-4 digit service or card security code
PIN / PIN block (i.e. the encrypted PIN)
The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organizations that handle branded credit cards from major card schemes.
The PCI Standard is mandated by the card brands but administered by the Payment Card Industry Security Standards Council. The standard was created to increase controls around cardholder data to reduce credit card fraud.
Credit Cards are a form of payment (FOP) issued by a financial institution that enables the cardholder to use authorised funds within the linked account. That account may be a company or department expense account, or it may be a personal one where the company will reimburse the user at a later date.
Credit Cards can be managed within the travel platform in a secure and easy manner with PCI DSS and Data Privacy obligations are always maintained via the partnership with the Cloud Security platform TokenEx.
TokenEx is a data protection platform that provides cloud tokenization, encryption, and data vaulting through a vendor agnostic platform that secures all sensitive data.
The travel platform’s TokenEx integration utilises the latest Token Scheme that provides robust framework for the tokenisation and storage of a profile’s Credit Card infromation.
Credit cards stored in a profile allow for an efficient booking experience as this information is passed securely to integrated systems (e.g. GDS, Online Booking Tool) for the booking of travel.
Add Credit Card
Select the + Add Credit Card option.
Credit Card mandatory fields are denoted with an * (asterisks).
Once all mandatory fields (*) have been completed, select Save to store the credit card.
Currently, there is no limit to the number of Credit Cards that can be recorded in a traveller profile.
Supported Card Types
The card types listed below are currently supported in the travel platform, including tokenisation via Tokenex.
Priority Order & Corporate Card
Use of Priority Order can be used if more than one (1) FOP requires to be stored.
This allows the travel platform to know the preferred order a user would like each FOP to be displayed and applied when passed to integrated systems.
The Corporate Card toggle can only be used for one (1) card and should be reserved for a company or department-issued credit card.
Edit/Delete Credit Card
Select the ⋮ icon to edit (🖉) or delete (🗑) a Credit Card if required.
The card credit number does not allow to be edited, the entire entry would need to be deleted and re-added.
A credit card that has been edited or deleted, once finalised (saved) is unable to be restored or recovered.
Expiry Date Alerts/Notifications
A credit card that has already expired or is scheduled to expire soon may result in delays in the travel request and booking processes. In some situations, trip segments (e.g. hotel) be unable to be reserved or are cancelled by the supplier if the credit card expires before the date of travel.
Profiles are designed to avoid problems by providing alerts/notifications for Credit Cards with an impending expiry date as well as any that have expired, as seen in the following examples.
The expiring soon notification will present when a Credit Card has only approximately four (4) weeks validity remaining. An expired notification will remain until the expired Credit Card is deleted or modified (edit) to hold a future/current expiry date.