About Us :

General    Company History    Legal    Partners & Affiliates    What's New  Press

Payment Card Industry Data Security Standard (PCI-DSS) Deadlines Comin Soon

Payment Card Industry Data Security Standard (PCI-DSS) deadlines are upon us.  Just yesterday (6/1/09), NATA News ran a story on this topic.  Here's the bottom line:  If you accept Visa, MasterCard, American Express, or Discover cards ("consumer cards"), the PCI compliance requirement applies to you.

Becoming PCI compliant is not just a matter of finding the right processing company and software for credit card processing.  Your organization must also attest to its overall compliance.  Otherwise, you risk the loss of your ability to process consumer cards as well as the possibility of fines in the event of a security breach at your company.

So what is this attestation?  It depends on how you process consumer cards.

1. If you process consumer cards by imprint (on paper) or using a dial-up machine, you can use the PCI's "simplified" Self-Assessment Questionnaire B – 13 pages, 26 requirements / questions.  You cannot store card numbers for recurring charges electronically, and you must have tight controls over any card numbers stored on paper (think vault).  You must also have and maintain an information security policy.
2. If you process through computer systems developed internally or stored on an internal computer (as with TotalFBO®  or FBO Manager®), you must use Self-Assessment Questionnaire D – 31 pages, 222 requirements / questions.  For small to medium organizations, the requirements in SAQ D are nearly impossible to meet -- even if your software itself complies.
   
3. If you’re processing consumer cards online through MyFBO.com, you can use Self-Assessment Questionnaire C.  While SAQ C is 16 pages with 41 requirements, the MyFBO.com PCI Compliance Pathway walks you through each requirement.  Most requirements are met by the MyFBO.com software with a certified credit card vault.  For other requirements like maintaining an information security policy, MyFBO.com provides draft documents for your use.  In other areas, MyFBO.com lays out the actions you need to take in plain English.  We make PCI Compliance easy.

Of course, helping you comply with Payment Card Industry Data Security Standard is just one of the many things we do.  Our web-based aviation management systems can be up and running for your organization in minutes -- interacting with your customers and staff, selling products and services, and managing multiple locations from anywhere there's an Internet connection.  Our service can be configured for fuel dealers, flight schools and academies, repair stations, aircraft managers, flying clubs, charter operators – most any combination of flight and ground operations of any size.