Credit Card Masking and Encryption Advance Screen Change Notification

Similar documents
Expanded Fare Quote Best Buy (16 Segments)

Introducing Galileo Enhanced Privacy Protection

Scoot Pte Ltd (TZ) Reservation & Ticketing Guide

Taxes Breakdown (XT) Enhancement

Z Company

API Developer Notes. Using Fare Quote Super Best Buy on the Galileo CRS. 29 June Version 1.3

Z Company

Galileo Low Cost Air. Frequently Asked Questions v1.8. Document Name Page: 1

Worldspan Sign-In Security. New Worldspan Sign-In Security measures. Impact to all Worldspan users

Galileo Content Builder Featuring RBC Insurance. User Guide

Training Document. Amadeus Insurance

NOTES COMANDS FOR COMMAND PROMAT

INTERNATIONAL MARKETS (EMEA) PRODUCT ADVISORY CREDIT CARD CARRIER VALIDATION - PA358

Frontier Navitaire Cutover: Agency FAQ s 03/03/2015v3 1

Credit Card Numbers / Security Code Best Practices PCI DSS

Worldspan by Travelport Training Services. Login to Travelport Training Services

GALILEO DESKTOP 2.0 NOTICE

The proof. Time Trials and Keystroke Analysis Apollo System. conducted October 21st 2011

Total Time: Content: Question/answer:

Analysis One Code Desc. Transaction Amount. Fiscal Period

Galileo 360 Fares Booking File Data Validation

Amadeus Egypt. Electronic Ticketing. Briefing Module

Low Fare Search. Quick Reference BENEFITS O V E R V I E W

Matrix Airfare Search

Travelport Ticket Report

1. How could I possibly display the list of all carriers with Interline Ticketing Agreement?

Galileo International. Firewall & Proxy Specifications

Functional Differences

An instruction from FB to Agents to issue e-ticket from 1 June 2008.

Case 2:08-cv ABC-E Document 1-4 Filed 04/15/2008 Page 1 of 138. Exhibit 8

Electronic Ticketing

Content. Quick Reference Online Assistant ticket order tool. Overview Retrieve a PNR Pricing Payment TSA Data...

PNR PRICING & TICKETING GUIDE

Page1. CrossCheck Travel Enterprise Financial Takeup

Amadeus Electronic Ticketing Course

RES. Support Group Nov06 1

Amadeus Virtual MCO User Guide

OLYMPIC AIR. User Guide. August 2015

< Effective since 12 th February 2012 > Cathay Pacific Airways And Dragonair. Electronic Ticketing for Travel Agents

User Guide - Version 1. Amadeus Airline Service Fees

SCO C OT O T ICKE K T E ING 1

Lesson: Passenger Name Record

Branded fares and ancillaries Clue card Travelport Galileo & Travelport Apollo

E ticket industry default Effective from June 1 st, 2008

AT&T Global Network Client for Windows Product Support Matrix January 29, 2015

Alerts: Bookings: Version 2 Page 1

Your guarantee to have the right fare at the right time. Amadeus Ticket-ability of a Pricing Solution

A Guide to Data Migrations for Customers and Local Markets.

Secure Flight Passenger Data Overview

SRILANKAN AIRLINES FARE CLASS RESTRUCTURING - 1 st SEPTEMBER For the information & guidance of Travel Agents

Cathay Pacific Airways Dragonair. BSP Electronic Miscellaneous Document (EMD) for Travel Agents

Microsoft Business Solutions Navision 4.0 Development I C/SIDE Introduction Virtual PC Setup Guide. Course Number: 8359B

Thai Amadeus Southeast Asia Co.,Ltd. The Offices At Centralworld 999/9 Unit , 34 Floor Rama 1 Road, Patumwan, Bangkok

COMPARISON OF FIXED & VARIABLE RATES (25 YEARS) CHARTERED BANK ADMINISTERED INTEREST RATES - PRIME BUSINESS*

COMPARISON OF FIXED & VARIABLE RATES (25 YEARS) CHARTERED BANK ADMINISTERED INTEREST RATES - PRIME BUSINESS*

Features for France. Microsoft Corporation. Published: November 2006

Future Trends in Airline Pricing, Yield. March 13, 2013

Travelport. Product Type(s) Contact Details. Company Information. Product Information. Air Reservations. Car Reservations. Global Distribution System

Marketing Amenity Program

quick REF GUIDE Booking easyjet through Sabre Version: 2.3

Data Integrity in Travel Management Reporting

Credit Card Processing

Dolphin Dynamics. Interface Configuration

Contents. Travel. Inspired by Travelport. Page 02. Is a Credit Card Verification Value (CVV)/CID number mandatory? What currency codes are supported?

Revenue Accounting Reference Number SAA-RS-01 JUNE 2014 Effective Date 2007 SECTION 2 CREDIT CARD SALES 2.1 CREDIT CARD FRAUD PROTECTION

Installing Windows Rights Management Services with Service Pack 2 Step-by- Step Guide

INSTRUCTIONS GUIDE FOR BLUE AIR TICKETS ISSUANCE

Feature for India (Third-party invoice)

ATPCO Optional Services. Supporting Processes

TheFinancialEdge. Fast! Guide

Electronic Miscellaneous Document (and / or) Amadeus Airline Ancillary Services

1. Agreement Between United Airlines and Agent: 2. Definitions:

User Guide. Amadeus Ticket Changer. User Guide

Amadeus Selling Platform All Fares Plus

Annex A to the MPEG Audio Patent License Agreement Essential Philips, France Telecom and IRT Patents relevant to DVD-Video Player - MPEG Audio

Management Reporter Integration Guide for Microsoft Dynamics AX

Office Language Interface Pack for Farsi (Persian) Content

Cathay Pacific Airways. BSP Electronic Miscellaneous Document (EMD) for Travel Agents

Worldspan Ticketless Payment Go! Script

Acceptance Page 2. Revision History 3. Introduction 14. Control Categories 15. Scope 15. General Requirements 15

a) Galileo FeeNett reads information already entered by you into the PNR this minimises double entry and any risk of errors.

INSTRUCTIONS GUIDE FOR BLUE AIR TICKETS ISSUANCE

CRM Form to Web. Internet Lead Capture. Web Form Configuration Instructions VERSION 1.0 DATE PREPARED: 1/1/2013

How to Book Transavia using Travelport Smartpoint 6: Travelport Galileo

FARE, PRICING & TICKETING GUIDE HONG KONG TEL FAX MACAU TEL

Benefits of Integrated Credit Card Processing Within Microsoft Dynamics GP. White Paper

Volume PLANETAUTHORIZE PAYMENT GATEWAY. vtiger CRM Payment Module. User Guide

ENHANCE. The Style Sheet Tool for Microsoft Dynamics NAV. Microsoft Dynamics NAV 5.0. User s Guide

ScriptPro Automated MCO and Service Fee Script Overview

Use Amadeus Fare Diagnostics

Computing & Telecommunications Services Monthly Report March 2015

PA-DSS Implementation Guide for. Sage MAS 90 and 200 ERP. Credit Card Processing

VIASINC Galileo Training

Resource Management Spreadsheet Capabilities. Stuart Dixon Resource Manager

Pipeliner CRM Phaenomena Guide Getting Started with Pipeliner Pipelinersales Inc.

Transcription:

Credit Card Masking and Encryption Advance Screen Change Notification Beginning February 19, 2007 credit card numbers may be masked on Apollo and Galileo systems. This advisory contains significant changes to the implementation of credit card masking. Please review the entire advisory. Galileo by Travelport Web: www.galileo.com Credit Card Masking Jan 29 07 External Page: 1

Contents Credit Card Masking and Encryption...3 Changes since last advisory... 3 Overview... 3 Background... 3 Enhancement Description... 4 Target Market... 4 Best Practices... 4 Enhancement Details... 4 Terminal Emulation...5 Structured Data...12 AAT Settings...13 Sign on Profiles...14 References... 15 Implications to Other Products... 15 Credit Card Masking Jan 29 07 External Page: 2

Credit Card Masking and Encryption Who: What: Where: When: Action Required: All Apollo and Galileo system users, including structured data users Credit card encryption of the Form of Payment in PNR (Apollo) and Booking File (Galileo) Credit Card Masking in displays, including structured data responses All Apollo and Galileo markets February 12, 2007 changes go into effect. Between January 30, 2007 and February 12, 2007 update settings in preparation for activation Feb 12. Ensure your agency has a secondary authorizer. Update sign on profiles of any users who will need to have the card numbers masked. Changes since last advisory The default setting has changed. The default will be no masking for each user. The agency should update sign on profiles for any user that should have card numbers masked. The masking for terminal emulation (Focalpoint ) will be all Xs with only the last 4 characters exposed. The masking for structured data (including Viewpoint ) will be the first digit and last 4 digits exposed with everything in between masked with 0s Masking will be activated at approximately 2300 Mountain Time on February 19, 2007. Overview Both Apollo and Galileo systems will be updated to mask credit card information in credit card specific fields of the PNR or Booking File (BF) and the Profile or ClientFile. This masking will apply to both terminal emulation and structured data (within this advisory structured data includes Viewpoint ). New settings in the agency account table (AAT) and agent sign on profile (terminal security profile, or TSP) will control the display of the credit card data in its masked or unmasked form. In addition, the credit card number in the PNR/BF form of payment field will be encrypted during end transact and will be decrypted during retrieval. Background Payment Card Industry Data Security Standards (PCIDSS) require the credit card number to be masked on displays and encrypted when stored. This enhancement will support PCI compliance for both the Apollo and Galileo systems and for our customers. Additional information about PCIDSS can be found at: https://www.pcisecuritystandards.org/tech/index.htm Credit Card Masking Jan 29 07 External Page: 3

Enhancement Description The credit card number will be encrypted in the form of payment field in the PNR and booking file when stored on the host. When the PNR or BF is displayed, the credit card number will be decrypted. Also, the credit card number will be masked in the following fields for users with masking activated: Form of payment Hotel guaranteed payment area Car guaranteed payment area Stored fare form of payment Electronic ticket file Profile/Client File SSR fields: o Guaranteed electronic payment (EPAY) o Guaranteed Payment (GUAR) o Form of ID (FOID) The above fields will be masked for PNR/BFs in the live system as well as in bookings displayed through Past Date Quick (PDQ) and (for subscribers) Past Date Historical Data on CD. Target Market All users in all markets are affected by this enhancement. This includes structured data users. Best Practices Agencies should review their business processes and activate masking for those users who do not have a business need to see the full credit card details. Agencies should also consider any automation being used in order to determine the impact of this change and to decide if updates to scripts or other agency applications are needed. These changes could include modifying any applications that capture credit card data from a screen display, since that data may now be masked. Agency management should take advantage of the interval before masking goes into effect to ensure all sign on profiles are set appropriately for the agency business. Enhancement Details As credit card holders are becoming more concerned with the security of their credit card data, the Payment Card Industry has issued standards for the protection of credit card data. In support of PCI compliance, both the Apollo and Galileo systems will begin encrypting credit card data in the form of payment field and masking the credit card number in form of payment fields in system displays. These changes apply to both the Apollo and Galileo systems accessed either through terminal emulation (Focalpoint ) or any type of structured data, including Viewpoint. The masking applies to: Form of payment (F- or F.) Hotel guaranteed payment area Car guaranteed payment area Stored fare form of payment Electronic ticket file SSR fields: o Guaranteed electronic payment (EPAY) o Guaranteed Payment (GUAR) o Form of ID (FOID) Profile/Client File displays of the items listed above Credit card numbers in fields that are not specified above will not be masked. It is therefore important that credit card numbers NOT be stored in fields other than those listed above. There will be no changes to the content of the MIR under this project. Credit Card Masking Jan 29 07 External Page: 4

All fields in the list above will be masked for all users of Apollo and Galileo with masking turned on. In addition to displays of live PNR/BFs, PNR/BFs displayed through PDQ will have the same fields masked using the same logic as the live system. Past Date data accessed off the CD will have all fields masked, regardless of AAT or sign on settings. The section below titled Sign on Profiles and AAT Settings provides details of options that exist at the agency and individual agent level. The masking applies to the card number only. The other parts of the form of payment will not be masked, for example vendor code, expiration date, authorization code, etc. Agents accessing the system through terminal emulation will see only the vendor code and the last four digits of the card number unmasked; the remainder of the card number will be masked with Xs. For structured data users, the response with the credit card number will have the first digit of the number displayed with all other digits of the number masked with 0s (that is zeroes, in order to maintain the field definition as numeric) except for the last four digits. Although the form of payment will be masked in the Profile or Client File display, when a move entry is made the actual card number will be moved into the PNR or BF and will be masked on the display. The system will know the real number even if the display of the number is masked. The entry F-AX371234567890128/D1208 will not be masked as it is entered. The usual response of * will be returned and the data will still be displayed on the screen. However, once a display entry, such as *R, is made, the card number will be masked. For the entry above, the card data will be displayed as: AXXXXXXXXXXXX0128/D1208 Some scripts might read the form of payment from the PNR/BF in order to add it to other fields in the PNR/BF or new segments, for example the car and hotel guarantee fields. These scripts will no longer work if the user has masking turned on since they will capture the masked data, not the actual number. TravelScreen Plus might be a good alternative for these situations since it will allow a guarantee form of payment to be entered which will be moved into the car or hotel segment sell. The following examples will show how fields, which will be masked, display before the enhancement and how they will display after the enhancement. Terminal Emulation Form of Payment: Current Form of Payment Apollo PNR display FOP:-VI4005550000000019/D1209 Masked Form of Payment Apollo PNR display FOP:-VIXXXXXXXXXXXX0019/D1209 Current Form of Payment Galileo BF display FOP -VI4005550000000019/D1209 Masked Form of Payment Galileo BF display FOP -VIXXXXXXXXXXXX0019/D1209 Credit Card Masking Jan 29 07 External Page: 5

Hotel Guaranteed payment: Current Hotel itinerary PNR/BF display 1. HHL RT HK1 LON 23FEB-24FEB 1NT 5652 NOVOTEL LONDON HEAT 1ROHRAC -1/RG-GBP124.00/AGT99999992/G-VI4005550000000019EX P1209/NM-TEST BOOKING/CF-1551HBM500* Masked Hotel itinerary PNR/BF display 1. HHL RT HK1 LON 23FEB-24FEB 1NT 5652 NOVOTEL LONDON HEAT 1ROHRAC -1/RG-GBP124.00/AGT99999992/G-VIXXXXXXXXXXXX0019EX P1209/NM-TEST BOOKING/CF-1551HBM500* Masked Deposit/Prepayment Format: Apollo: 1.1PATTON/DTEST 1 UA4926Y 22JUL LIHHNL SS1 800A 829A * SU E OPERATED BY ALOHA AIRLINES 2 HHL OR SS1 HNL 22JUL-23JUL 1NT 1043 OHANA WAIKIKI WEST 1STDBAR -1/RT-USD119.00/ADV GTE/AGT14537482/G-DPSTVIXXXXXXXXXXXX4403-EXP1209 3 UA4951Y 29JUL HNLLIH SS1 900A 937A * SU E OPERATED BY ALOHA AIRLINES Galileo: 1.1PATTON/DEBBIE 1. UA 1444 Y 22JUN PHXDEN HS1 0600 0843 O E FR OPERATED BY UNITED FOR TED 2. HHL ES SS1 DEN 22JUN-23JUN 1NT 52557 EMBASSY DENVER ARPT 1J1KAAA -1/RT-USD229.95/ADV GTE/AGT14537482/G-DPSTVIXXXXXX XXXXXX4403EXP1209 3. UA 1515 Y 25JUN DENPHX HS1 0700 0753 O E MO OPERATED BY UNITED FOR TED Car Guaranteed payment Current Car itinerary PNR/BF display 2. CCR ZR HK1 ATL 23FEB-24FEB CCAR/RG-USD24.65WD-UNL MI/BS-23212081/PUP-ATL01/ARR-9A/RC- AFD123/DT-5P/G-VI4005550000000019EXP1209/NM-TE ST BOOKING/CF-W8112189 * Masked Car Itinerary PNR/BF display 2. CCR ZR HK1 ATL 23FEB-24FEB CCAR/RG-USD24.65WD-UNL MI/BS-23212081/PUP-ATL01/ARR-9A/RC- AFD123/DT-5P/G-VIXXXXXXXXXXXX0019EXP1209/NM-TE ST BOOKING/CF-W8112189 * Form of Identification (FOID) Special Service Request Current Apollo FOID SSR display: GFAX- SSRFOIDQFHK1/CCVI4005550000000019-1CREDITCARD/MASK Credit Card Masking Jan 29 07 External Page: 6

Masked Apollo FOID SSR display: GFAX- SSRFOIDQFHK1/CCVIXXXXXXXXXXXX0019-1CREDITCARD/MASK Current Galileo FOID SSR display: ** MANUAL SSR DATA ** SSRFOIDQF HK 1 /CCVI4005550000000019-1CREDITCARD/MASK Masked Galileo FOID SSR display: ** MANUAL SSR DATA ** SSRFOIDQF HK 1 /CCVIXXXXXXXXXXXX0019-1CREDITCARD/MASK Guaranteed Electronic Payment (EPAY) and Guaranteed Payment (GUAR) Special Service Requests (SSR): Current Apollo GUAR SSR display: GFAX-SSRGUARWSNN1 VI4005550000000019/D1209/CREDITCARD MASKING Masked Apollo GUAR SSR display: GFAX-SSRGUARWSNN1 VIXXXXXXXXXXXX0019/D1209/CREDITCARD MASKING Current Galileo GUAR SSR display: ** MANUAL SSR DATA ** 1. SSRGUARWS NN 1 VI4005550000000019/D1209/CREDITCARD MASKING Masked Galileo GUAR SSR display: ** MANUAL SSR DATA ** 1. SSRGUARWS NN 1 VIXXXXXXXXXXXX0019/D1209/CREDITCARD MASKING Fare Form of Payment Current Apollo PNR Fare Form of Payment display: Response to T:$B or T:V >$B-*K29/FVI4005550000000019 D1209 *FARE GUARANTEED AT TICKET ISSUANCE* LAST DATE TO PURCHASE TICKET: 15APR07 $B-1 C06OCT06 DEN DL ATL 654.88Y0BV USD654.88END ZP DEN FARE USD 654.88 TAX 2.50AY TAX 49.12US TAX 4.50XF TAX 3.30ZP TOT USD 714.30 TICKETING AGENCY K29 DEFAULT PLATING CARRIER DL US PFC: XF DEN4.5 BAGGAGE ALLOWANCE: 2PC Response to *R or *T ATFQ-OK/$B-*K29/FVI4005550000000019 D1209/TAK29/CDL FQ-USD 654.88/USD 49.12US/USD 10.30XT/USD 714.30-6OCT Y0BV Credit Card Masking Jan 29 07 External Page: 7

Masked Apollo PNR Fare Form of Payment display: Response to T:$B or T:V T:$B or T:V response: >$B-*K29/FVIXXXXXXXXXXXX0019 D1209 *FARE GUARANTEED AT TICKET ISSUANCE* LAST DATE TO PURCHASE TICKET: 15APR07 $B-1 C06OCT06 DEN DL ATL 654.88Y0BV USD654.88END ZP DEN FARE USD 654.88 TAX 2.50AY TAX 49.12US TAX 4.50XF TAX 3.30ZP TOT USD 714.30 TICKETING AGENCY K29 DEFAULT PLATING CARRIER DL US PFC: XF DEN4.5 BAGGAGE ALLOWANCE: 2PC Response to *R or *T As displayed in the PNR (*R or *T) ATFQ-OK/$B-*K29/FVIXXXXXXXXXXXX0019 D1209/TAK29/CDL FQ-USD 654.88/USD 49.12US/USD 10.30XT/USD 714.30-6OCT Y0BV Current Galileo BF Fare Form of Payment display: FQ1 - S1 AP 18JUL06 64/AG P1 TEST/BOOKING G 21JUL06 * GBP 77.00 LON BD PAR 109.80HOWBMI NUC109.80END ROE0.537292 FARE GBP59.00 TAX 5.00GB TAX 13.00UB TOT GBP77.00 S1 FB-HOWBMI B-20K NB-23SEP NA-23SEP NONREF / FEE FOR CHANGE T S1/FVI4005550000000019*D1209 Masked Galileo BF Fare Form of Payment display: FQ1 - S1 AP 18JUL06 64/AG P1 TEST/BOOKING G 21JUL06 * GBP 77.00 LON BD PAR 109.80HOWBMI NUC109.80END ROE0.537292 FARE GBP59.00 TAX 5.00GB TAX 13.00UB TOT GBP77.00 S1 FB-HOWBMI B-20K NB-23SEP NA-23SEP NONREF / FEE FOR CHANGE T S1/FVIXXXXXXXXXXXX0019*D1209 Electronic Ticket File Current Apollo Electronic Ticket File display: TKT: 0161234567890 NAME: MANDY/BILL CC: 4005550000000019 USE CR FLT CLS DATE BRDOFF TIME ST F/B FARE CPN UA 2048 Y 23MAY SFOLAX 100P OK YSHUTTLE 80.91 1 UA 2049 Y 27MAY LAXSFO 300P OK YSHUTTLE 80.91 2 FARE USE 161.82 TAX 16.18 TAX 3.00XF TOTAL USD 181.00 FP VI40055500000000196661 EXP1209/ 0023 FC-1-MAY SFO UA LAX 80.91 US SFO 80.91 USD 161.82 END XFLAX3 Credit Card Masking Jan 29 07 External Page: 8

Masked Apollo Electronic Ticket File display: TKT: 0161234567890 NAME: MANDY/BILL CC: XXXXXXXXXXXX0019 USE CR FLT CLS DATE BRDOFF TIME ST F/B FARE CPN UA 2048 Y 23MAY SFOLAX 100P OK YSHUTTLE 80.91 1 UA 2049 Y 27MAY LAXSFO 300P OK YSHUTTLE 80.91 2 FARE USE 161.82 TAX 16.18 TAX 3.00XF TOTAL USD 181.00 FP VIXXXXXXXXXXXX0019 EXP1209/ 0023 FC-1-MAY SFO UA LAX 80.91 US SFO 80.91 USD 161.82 END XFLAX3 Current Galileo Electronic Ticket File display: TKT: 125 9900 168093 NAME: LINXCRE/TEST CC: AX370000000000028 ISSUED: 30OCT06 FOP:AX370000000000028-4321 PSEUDO: 0XJ6 PLATING CARRIER: BA ISO: GB IATA: 99999992 USE CR FLT CLS DATE BRDOFF TIME ST F/B FARE CPN OPEN BA 115 Y 30APR LHRJFK 1620 OK Y2 1 OPEN BA 178 Y 04MAY JFKLHR 0915 OK Y2 2 FARE GBP 730.00 TAX 20.00 GB TAX 13.00 UB TAX 103.60 XT TOTAL GBP 866.60 LON BA NYC Q5.66 682.99Y2 BA LON Q5.66 682.99Y2 NUC 1377.30END ROE0.530018 XT 1.40AY15.60US2.70XA3.80XY 2.70YC75.00YQ2.40XF JFK4.5 RLOC 1G KSV8X8 1A YOB9DU Masked Galileo Electronic Ticket File display: TKT: 125 9900 168093 NAME: LINXCRE/TEST CC: AXXXXXXXXXXXX0028 ISSUED: 30OCT06 FOP:AXXXXXXXXXXXX0028-4321 PSEUDO: 0XJ6 PLATING CARRIER: BA ISO: GB IATA: 99999992 USE CR FLT CLS DATE BRDOFF TIME ST F/B FARE CPN OPEN BA 115 Y 30APR LHRJFK 1620 OK Y2 1 OPEN BA 178 Y 04MAY JFKLHR 0915 OK Y2 2 FARE GBP 730.00 TAX 20.00 GB TAX 13.00 UB TAX 103.60 XT TOTAL GBP 866.60 LON BA NYC Q5.66 682.99Y2 BA LON Q5.66 682.99Y2 NUC 1377.30END ROE0.530018 XT 1.40AY15.60US2.70XA3.80XY 2.70YC75.00YQ2.40XF JFK4.5 RLOC 1G KSV8X8 1A YOB9DU Credit Card Masking Jan 29 07 External Page: 9

PNR / BF History Display Current Apollo PNR History display: ** HISTORY ** XS HHL HH 10NOV SS/HK 1 CHI 11NOV 1NT 4745 HILTON OHARE AIRP RT 1A01LV4-1/RT-USD159.00/AGT14537482/G-VI4005550000000019EXP1 209/NM-CREDIT MASK/CF-3241469112 * XS CCR AL 10NOV SS/HK 1 ORD -11NOV ECAR/RG-USD49.44DY-UNL FM X D69.44-UNL FM XH23.15-UNL FM/BS-14537482/PUP-ORDT71/RC-88EF/DT-6 A/G-VI4005550000000019EXP1209/NM-CREDIT MASK/CF-429435009COUNT * AQP PROQ/GK5*43 AS CCR AL 10NOV SS/SS 1 ORD -12NOV ECAR/RG-USD49.44DY-UNL FM X D69.44-UNL FM XH23.15-UNL FM/BS-14537482/PUP-ORDT71/RC-88EF/DT-6 A/G-VI4005550000000019EXP1209/NM-CREDIT MASK/CF-429435009COUNT * AO OSIUA*HH* HHLHHXX1CHI10NOV/CX-1686543947 * RCVD-P/C037864 -CR- XDB/GK5/1V AG VS 26JUL0246Z HS UA 532 Y10NOV DENORD NN/HK1 640A 954A * AFP VI4005550000000019/D1209 Masked Apollo PNR History display: ** HISTORY ** XS HHL HH 10NOV SS/HK 1 CHI 11NOV 1NT 4745 HILTON OHARE AIRP RT 1A01LV4-1/RT-USD159.00/AGT14537482/G-VIXXXXXXXXXXXX0019EXP1 209/NM-CREDIT MASK/CF-3241469112 * XS CCR AL 10NOV SS/HK 1 ORD -11NOV ECAR/RG-USD49.44DY-UNL FM X D69.44-UNL FM XH23.15-UNL FM/BS-14537482/PUP-ORDT71/RC-88EF/DT-6 A/G-VI XXXXXXXXXXXX0019EXP1209/NM-CREDIT MASK/CF-429435009COUNT * AQP PROQ/GK5*43 AS CCR AL 10NOV SS/SS 1 ORD -12NOV ECAR/RG-USD49.44DY-UNL FM X D69.44-UNL FM XH23.15-UNL FM/BS-14537482/PUP-ORDT71/RC-88EF/DT-6 A/G-VI XXXXXXXXXXXX0019EXP1209/NM-CREDIT MASK/CF-429435009COUNT * AO OSIUA*HH* HHLHHXX1CHI10NOV/CX-1686543947 * RCVD-P/C037864 -CR- XDB/GK5/1V AG VS 26JUL0246Z HS UA 532 Y10NOV DENORD NN/HK1 640A 954A * AFP VI XXXXXXXXXXXX0019/D1209 Current Galileo PNR History display: ** HISTORY ** SC CCR AL 10NOV HK/UC1 ORD -11NOV CCAR/BS-23212081/RC-AFD123/DT -2200/G-AX371019534732004/CF-... AVI CAL *FEHLENDES UNGUELTIGES ENDDATUM RCVD-FLL AL05JUL/1728 CRDT- FLL/ /1G AL 1946Z/05JUL VLR UA 532 Y 10NOV DENORD NN/HK1 640 954 O* AVL UA*NQSGG9 HDQRMUA 05JUL 1728 )> RCVD- CRDT- / /1G 1728Z/05JUL AQP PROQ/XX3*32*CLR HS UA 532 Y 10NOV DENORD NN/HS1 640 954 O B HS CCR AL 10NOV NN/SS1 ORD -11NOV CCAR/BS-23212081/RC-AFD123/DT -2200/G-AX371019534732004/CF-...B HS HHL GI 10NOV SS/SS1 CHI 11NOV 1NT23899 HILTON GI OHARE 1A1K-RAC -1/RT-USD209.00/ADV GTE/AGT23212081/G-AX371019534 732004*1206/CF-... Credit Card Masking Jan 29 07 External Page: 10

Masked Galileo PNR History display: ** HISTORY ** SC CCR AL 10NOV HK/UC1 ORD -11NOV CCAR/BS-23212081/RC-AFD123/DT -2200/G-AXXXXXXXXXXXX2004/CF-... AVI CAL *FEHLENDES UNGUELTIGES ENDDATUM RCVD-FLL AL05JUL/1728 CRDT- FLL/ /1G AL 1946Z/05JUL VLR UA 532 Y 10NOV DENORD NN/HK1 640 954 O* AVL UA*NQSGG9 HDQRMUA 05JUL 1728 )> RCVD- CRDT- / /1G 1728Z/05JUL AQP PROQ/XX3*32*CLR HS UA 532 Y 10NOV DENORD NN/HS1 640 954 O B HS CCR AL 10NOV NN/SS1 ORD -11NOV CCAR/BS-23212081/RC-AFD123/DT -2200/G-A XXXXXXXXXXXX0019/CF-...B HS HHL GI 10NOV SS/SS1 CHI 11NOV 1NT23899 HILTON GI OHARE 1A1K-RAC -1/RT-USD209.00/ADV GTE/AGT23212081/G-AXXXXXXXXXX XX2004*1206/CF-... Booking File Fixed format display Current Galileo Booking File Fixed format display: 00951D03009N0TC7E006/64009 XDBKR011 C378641006 AG003012 99999992 009 26JUL003010C37864100300699M 003510010060010030041014CREDIT/MASK 0115300300501005BA007 302005K 00823MAR006LHR006CDG005HK0051 0080 620 004 0080825 004O004 004 004E005FR005 005 004 00281101006001006LHN004N004/ 00352E01027VI4005550000000019/D1209 00112301003 Masked Galileo Booking File Fixed format display: 00951D03009N0TC7E006/64009 XDBKR011 C378641006 AG003012 99999992 009 26JUL003010C37864100300699M 003510010060010030041014CREDIT/MASK 0115300300501005BA007 302005K 00823MAR006LHR006CDG005HK0051 0080 620 004 0080825 004O004 004 004E005FR005 005 004 00281101006001006LHN004N004/ 00352E01027VIXXXXXXXXXXXX0019/D1209 00112301003 Credit Card Masking Jan 29 07 External Page: 11

Profile / Client File display Current Apollo Profile display: 1Y/N:1CREDIT/MASK 2Y/P:DENB/303-555-1212 3Y/T:T/ 4Y/R:P 5Y/F-VI4005550000000019/D1209 Masked Apollo Profile display: 1Y/N:1CREDIT/MASK 2Y/P:DENB/303-555-1212 3Y/T:T/ 4Y/R:P 5Y/F- VIXXXXXXXXXXXX0019/D1209 Current Galileo Client File display: 1Y/N.1CREDIT/MASK 2Y/P.LONB/071 397 5000 3Y/T.T* 4Y/R.PSGR 5Y/F.VI4005550000000019/D1209 Masked Galileo Booking Client File display: 1Y/N.1CREDIT/MASK 2Y/P.LONB/071 397 5000 3Y/T.T* 4Y/R.PSGR 5Y/F.VIXXXXXXXXXXXX0019/D1209 Structured Data The masked credit card data will be displayed as all zeros (0) except for the first digit and the last four digits in the: Form of Payment KLR. Hotel Optional field KLR. Car Optional field KLR. For example, credit card number 3123 7654321 8431 will display as 3000 0000000 8431. The following examples show the credit card numbers in the masked form. Stored Fare: Credit Card Masking Jan 29 07 External Page: 12

Form of Payment: Hotel Optional: Car Optional: AAT Settings A combination of new AAT and sign on profile settings will be used to control who does and does not see the unmasked credit card numbers. Three AAT fields will determine the criteria to be used for masking the credit card data. The first AAT field, MMSK, will indicate if the AAT or the sign on profile is to be used in determining if the card number should be masked. If MMSK indicates the AAT is to be used, then the other new AAT fields will indicate if card numbers are to be masked for structured data users (SMSK) and/or terminal emulation users (TMSK). If MMSK indicates the sign on profile is to be used, the CMSK field in the STD display will be used. At time of implementation, the fields will be set to use the sign on profile to determine if a specific user of the system will see the data masked or unmasked. If an agency wants to have numbers masked for all users without exception, they should contact the help desk to have their AAT changed so that MMSK is set to use the other AAT indicators, and ensure those indicators are set appropriately for the agency s terminal emulation and structured data interfaces. Credit Card Masking Jan 29 07 External Page: 13

Sign on Profiles By default, the sign on profile settings will result in no change to what the user sees. The default settings will be to NOT mask card numbers. The new control in the sign on profile is CMSK. It appears on the third screen of the display (STD/Zabc/**) and has two fields. All terminal security profiles will have the second field in CMSK set to N, which, depending on AAT settings, will result in no change to the display of card numbers (this is a change from the original advisory). The first subfield indicates the ability of the user to change the CMSK field for sign on profiles they own and applies to secondary authorizers. Secondary authorizers will have the first field set to Y (CMSK Y Y) and all others will have first field set to N (CMSK N Y). Secondary authorizer display (STD/Z123ABC/**) >STD/ Z123ABC/** NAME: CREDITCARD MASKING ADDRESS CODE: DENKF. TERMINALS IN USE:.../... AUTHORITY LEVEL: SECOND 1ST LEVEL: N 2ND LEVEL: N SELAC Y Y PFARE Y Y PDQA- Y Y BILL- N. DARVP Y Y COWNR Y Y ETOD- Y Y FSHP- N N DIAL- N N SPVRQ Y Y MSGQ- Y Y RULB- Y Y RULD- Y Y RULX- Y Y MNTR- N N HORAC N N PREV- Y Y PRO-C Y Y PRO-D Y Y PRO-M Y Y PRO-N Y Y PRO-O Y Y PRO-R Y Y PRO-T Y Y PRO-U Y Y QFWD- Y Y QSUM- Y Y AATV- N N DOTA N N HMLRG N N CMSK Y N................................... > Agent level display (STD/Z123ABC/**) >STD/ ZK29/CC./** NAME: CREDIT CARD MASK ADDRESS CODE: DENK29. TERMINALS IN USE:.../... AUTHORITY LEVEL: AGENT 1ST LEVEL: N 2ND LEVEL: N SELAC N N PFARE N N PDQA- N Y DARVP Y Y COWNR N N ETOD- N N FSHP- N N DIAL- N N SPVRQ N Y MSGQ- N Y RULB- N N RULD- N N RULX- N Y MNTR- N N HORAC N N PREV- N Y PRO-C N Y PRO-D N N PRO-M N Y PRO-N N Y PRO-O N N PRO-R N Y PRO-T N N PRO-U N N QFWD- N N QSUM- N N AATV- N N DOTA N N HMLRG N N CMSK N N................................... > Agency secondary authorizers should update the sign on profiles of the agents in their office to turn masking on as appropriate for each user in their office. If the secondary authorizer in the agency should only see masked data, he or she must contact the help desk to update his or her sign on profile. Although the industry does recognize the need for some personnel within the agency to see the unmasked card numbers, agency management is asked to keep in mind that good judgment must be used in selecting agency and agent level settings. New sign on profiles created after January 29 will have masking turned on by default. The creator can modify that setting during creation or at any time. See the next page for an example of the default settings. Credit Card Masking Jan 29 07 External Page: 14

>STD/ ZK29/CM./** NAME: CREDIT MASKING ADDRESS CODE: DENK29. TERMINALS IN USE:.../... AUTHORITY LEVEL: AGENT 1ST LEVEL: N 2ND LEVEL: N SELAC N N PFARE N N PDQA- N Y DARVP Y Y COWNR N N ETOD- N N FSHP- N N DIAL- N N SPVRQ N Y MSGQ- N Y RULB- N N RULD- N N RULX- N Y MNTR- N N HORAC N N PREV- N Y PRO-C N Y PRO-D N N PRO-M N Y PRO-N N Y PRO-O N N PRO-R N Y PRO-T N N PRO-U N N QFWD- N N QSUM- N N AATV- N N DOTA N N HMLRG N N CMSK N Y................................... > References HELP ENHANCE-MASK CREDIT CARD S*GEM/MASK CREDIT CARD Implications to Other Products Screen scrapers (such as Scriptwriter Plus or third party applications which read the PNR or BF display) Applications receiving our structured data 2007 Galileo International. All rights reserved. Information in this document is subject to change without notice. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or any means electronic or mechanical, including photocopying and recording for any purpose other than the purchaser s personal use without the written permission of Galileo International. All screen examples and other inserts associated with system output are provided for illustration purposes only. They are not meant to represent actual screen responses, rates, etc. Galileo International may have patents or pending patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. The furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property rights except as expressly provided in any written license agreement from Galileo International. All other companies and product names are trademarks or registered trademarks of their respective holders. Credit Card Masking Jan 29 07 External Page: 15

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information