June 12, 2008
IT provider presents innovative solution for credit card processing/ Membership in international PCI Security Standards Council
Lufthansa Systems today presented an innovative concept for enhancing the security of credit card processing. Based on the current security requirements of leading credit card providers, Lufthansa Systems has developed a solution which offers extensive fraud protection to card users, retailers and credit card companies alike. Lufthansa Systems has also joined the international PCI Security Standards Council in order to help promote the security of the credit card transactions.
A worldwide security standard for credit card and EC debit card transactions has been in place since 2004. This Payment Card Industry Data Security Standard (PCI DSS) was developed by leading international credit card companies. All companies working with credit or debit card data, regardless of country or industry, are obliged to implement and comply with the PCI standard, which comprises around 380 detailed requirements. If they fail to do so, the companies face fines and may lose their authorization to process card-based transactions.
In the aviation industry in particular, many services are based on credit card details, including ticket purchases as well as non-financial transactions such as self-service check-in and mileage credit. The PCI security standards automatically come into play when credit cards, rather than pure customer loyalty cards, are involved.
Lufthansa Systems developed the PCI Compliance Engine which enables its customers to reduce the efforts to meet the PCI DSS security requirements. This new security solution takes an innovative approach to ensuring that all card transactions comply with the PCI DSS. Instead of protecting a credit card number by following all 380 security rules, the card number is replaced with an artificial ID in the IT systems involved. The tool is the only data unit to centrally isolate and store the credit card numbers. Since the artificial ID is neither the credit card number itself nor an encrypted version of the number, the PCI DSS requirements no longer apply.
“The PCI Compliance Engine significantly reduces the tremendous effort companies must expend on complying with the PCI standard,” explained Dr. Anselm Eggert, Senior Vice President Passenger Airline Solutions at Lufthansa Systems. “The new solution saves time and money and helps to better safeguard the customers' card details.“ The PCI Compliance Engine is suitable for any airline using IT applications which process credit card information. The new Lufthansa Systems product is fully developed and has already been tested as a prototype.
To further promote card security, Lufthansa Systems has also joined the PCI Security Standards Council. Lufthansa Systems will work with the other members of this organization – credit card companies and international firms from a variety of industries that are involved in credit card processing – to continue developing the PCI Data Security Standard.
“The PCI Security Standards Council is committed to helping everyone involved in the payment chain protect consumer payment data,” said Bob Russo, General Manager of the PCI Security Standards Council. “By participating in the standards setting process, Lufthansa Systems demonstrates they are playing an active part in this important end goal.”
Note to editors:
Lufthansa Systems is one of the leading IT service providers for the airline and aviation industries worldwide. As a systems integrator, the wholly-owned subsidiary of the Lufthansa Group covers the entire range of IT services, including consulting, development, implementation and operation. Lufthansa Systems provides its infrastructure and consulting services to a variety of industries. Headquartered in Kelsterbach near Frankfurt/Main, Germany, the company has branches in Germany and 16 other countries and employs about 3,200 people worldwide. In business year 2007, Lufthansa Systems recorded sales of EUR 679 million.
For further information, please contact:
Lufthansa Systems AG
Sandra Hammer
Corporate Communications
Tel.: +49 (0)69 696 90776
Fax: +49 (0)69 696 90777
E-mail: publicrelations@LHsystems.com