Streamline your BSP journey towards achieving PCI DSS Compliance

Becoming PCI DSS compliant can help your travel agency secure customers' sensitive information and improve your approach to cybersecurity.


Meeting IATA requirements to join the Billing and Settlement Plan (BSP) card sales channel will enhance access to process transactions with multiple airlines.

Payment Card Industry Data Security Standards (PCI DSS) is a global data security standard to protect confidential payment card information against theft.

We provide a platform for travel agencies to easily prepare PCI DSS Compliance documentation.

For a small annual fee, you can use our Compliance Wizard with resources created by expert QSA consultants to expedite your accreditation process and meet IATA requirements quickly.

Foregenix is a certified PCI Security Standards Council partner to acquire evidence of PCI DSS compliance.

What does the program include?

A comprehensive set of tools to get your Travel Agent PCI Compliant

Our PCI Self Assessment online portal offers a Step-by-step guide to complete the SAQ & get evidence of PCI DSS compliance

Direct access to one of the world's leading PCI Assessor teams.

Instant access to a comprehensive QSA knowledge guide and required Policies and Procedures templates.

Getting started takes 2 minutes - nothing to install, simply create your account, point ThreatView to your website and get your assessment results in seconds

You can perform a ASV Scan to up to 20 IP addresses as many times as you like. Even if your SAQ doesn't require a scan you can still run a scan as a best practice. 

How does it work?

Easy steps to meet the PCI Compliance validation process.

Learn how to use our  Foregenix Travel Agent PCI DSS Program to attest and become a PCI Compliant Travel Agent.

Rapid setup in less than five minutes

To start, you only need to know the following information:

  • IATA Number
  • Travel Agency name
  • Business address
  • Contact person
  • Contact number
  • Email address

After submitting the form and making the payment, the Foregenix team will perform technical validations.

Once the validations are finished, an email will be sent to you with your exclusive access to the portal and a detailed user guide.

Follow the PCI Apply compliance wizard, guiding you step-by-step

You will receive the appropriate guidance to know which Self-Assessment Questionnaire (SAQ) applies to your business. 

Answer a few questions about your payment processing environment to determine what your compliance needs are. 

Complete the survey in a friendly manner. The platform indicates if something needs a double-check. Once reviewed, the PCI template will be automatically filled based on your responses.

Get your Attestation of Compliance (AOC) document

Some SAQs require an ASV Scan, the platform will let you know. We coordinate the scan and produce a detailed report. If something needs attention, you can fix it and rescan as many times as you need. 

Once remediation is complete, an Attestation of Compliance (AOC) is created by Foregenix. This document validates that your organisation has completed its assessment and is compliant with the PCI DSS requirements.

The AOC produced by the system is the document which you need to submit to IATA.

Full access to Foregenix platform resources

In the resources library you can get templates of all the required policies and procedures.

  • SAQ Official Documents
  • Compliance tools and templates
  • Education materials
  • FAQs Section
  • Non-compliance notifications
  • 24/7 online technical support

Join the prestigious ranks of agencies that have achieved  PCI Compliance through Foregenix


Let’s protect your business with Threatview

Try it for free!