Travel software developer Vibe says it expects its recently achieved payments security compliance to give it a competitive edge as new regulations are set to come in next year.
The firm says it has invested a six figure sum to achieve full PCI DSS compliance which took nine months to complete with four members of staff working on it.
Matthew Chapman, Vibe’s chief technology officer, said compliance will give its customers and prospects peace of mind as new data regulations and Iata protocols come in in 2018.
In May next year, new EU General Data Protection Regulation will see much bigger fines imposed an any companies found to be non compliant with data rules when there is a breach.
And from March next year aviation body Iata will insist that all accredited agencies are PCI DSS Level 1 compliant, having delayed the move from June this year.
Payment Card Industry Data Security Standard (PCI DSS) compliance was developed by credit card firms to protect information against theft.
The delay by Iata came at the behest of the Association of Canadian Travel Agencies which said its members were not ready.
Chapman said: “With GDPR coming there’s a big overlap between this and the new Iata rules and at heart it’s about protecting data.
“We are looking after our customers’ data and we have been audited to prove the fact so clients and prospective clients can see we are genuinely compliant.”
Iata allows smaller firms to self-assess, but Vibe said it decided to go down the route of being audited by an external assessor to offer greater peace of mind.
“We are doing the right thing. We do not want to be the cause of a breach. This shows we are taking security seriously,” Chapman added.
“I think this is a genuine competitive edge for the retention and acquisition of new clients. We are going to be going out selling these services to prospective corporates.”
Vibe said it is happy to show clients its Attestation of Compliance which summarise its compliance and audit results.
Vibe develops online booking systems for B2C, B2B, and call centre and retail travel firms in both the leisure and corporate sectors.
Customers include OTAs, consolidators, tour operators, media firms, airlines and airports and travel management companies.
Significant clients include The Guardian, Qatar Airways Holidays, and dnata-owned Arabian Adventures for which it has recently launched a platform.
Chapman said next year there will be a big focus on modernising parts of the platform to optimise conversion rates on websites and mobile.
“To date we have been very successful with referrals from existing clients, word of mouth has been fantastic for us, but we really want to push on proactively as well.”