SITA has launched the first payment solution to address the need for airlines to be able to accept payments securely at airports when using a shared IT infrastructure.
SITA AirportConnect Common Use Payment Service enables payment transactions by multiple airlines on a single payment terminal.
Importantly, this is possible with any, and all, of the departure control systems the airlines choose to use.
Airlines use common-use or shared IT infrastructure at airports around the world and this ground-breaking solution has been developed by SITA to support airlines that wish to accept payments at common-use check-in desks, kiosks and bagdrop areas for baggage fees, upgrades and other ancillary charges.
(David Kershaw, Portfolio Director, SITA describes how SITA solved the multi-merchant challenge for payment acceptance at airports with a solution that will support airlines that wish to accept payments at common-use check-in desks, kiosks and bag drop areas for baggage fees, upgrades and other ancillary charges. Courtesy of SITA and YouTube)
SITA’s new solution uniquely combines point-to-point encryption (P2PE) technology, with Europay, Mastercard, Visa (EMV) and Payment Card Industry (PCI) compliant chip card payment terminals, applications and processes, to allow multiple merchants to use the same terminal while meeting PCI security standards.
How it Works
- Uses existing CUTE/CUPPS workstations
- New peripherals for payment processing
- Gateway on the workstation communicates with PED
- Service infrastructure is hosted in the SITA PCI compliant Data Center
- Presentation of payment communications API for adoption by IATA as airline standard
SITA has implemented this service with a major European airline at a common-use airport where rigorous testing proved the effectiveness of the encryption technology for chip, magnetic stripe and contactless card payment transactions.
SITA’s common-use payment service meets the unique operational challenges of airlines. It allows airlines to share the same point of sale (PoS) and PIN entry devices (PEDs) at the airport, while continuing to use their preferred payment service providers and banks.
This maximizes the benefits of the airline’s existing commercial relationships. Importantly, the service is also designed to minimize fraud risks by implementing encryption with EMV card readers and provides support for a secure payment solution aligned with credit card brand approvals.
“This new service, integrated with our SITA AirportConnect platform, allows airlines, airports and other air transport industry stakeholders to accept credit card payments in a common-use environment in line with Payment Card Industry standards,” said Barbara Dalibard, SITA CEO.
“Our service features point-to-point encryption to provide a powerful, flexible solution for all stakeholders to ensure the protection of customer data.”
P2PE in SITA AirportConnect Common Use Payment Service delivers significant benefits including making account data unreadable by unauthorized parties.
It “de-values” account data because it cannot be abused – even if stolen. In addition, P2PE can simplify compliance with PCI DSS (Data Security Standard) requirements for airlines and airports by reducing the number of addressable requirements during a PCI security assessment.
SITA AirportConnect Common Use Payment Service further enhances the community values that are central to common-use across the industry.
It is the culmination of work with the International Air Transport Association (IATA) Common Use Working Group in collaboration with various payment industry leaders, including Verifone, Thales and Smart Technology Solutions.
“Thales’s extensive expertise and leadership in the payment security market, enriched by our long-standing partnerships with leading payments processing vendors, allows us to help innovators such as SITA deliver the high levels of performance and security required for payment processing,” added Peter Galvin, Vice President Strategy at Thales e-Security.
The payment terminals available as part of SITA’s service are capable of supporting PCI compliance requirements for an airline’s passenger credit card data handled through SITA’s CUTE/CUPPS/CUSS system.
PCI compliance certification, however, still requires an end-to-end security review by each airline of its own full payment process.
Initially available for SITA AirportConnect workstations, the service will be rolled out to support SITA’s common-use kiosks and bagdrop stations over the coming months.
SITA is the communications and IT solution provider that transforms air travel through technology for airlines, at airports and on aircraft.
(See how SITA touches every aspect of the air transport industry, providing the technology that powers the industry for airlines, at airports and on aircraft. Courtesy of SITA and YouTube)
The company’s portfolio covers everything from managed global communications and infrastructure services, to eAircraft, passenger management, baggage, self-service, airport and border management solutions.
Owned 100% by more than 400 air transport industry members, SITA has a unique understanding of its needs and places a strong emphasis on technology innovation.