Vietnam Airlines obtains security certification of PCI DSS Compliance Level 2

The certification means information of clients using credit cards for transactions on online channels of the national flag carrier is protected from scams or security breaches.

Vietnam Airlines is currently the first and only carrier of Vietnam to be granted the certification of PCI DSS Compliance Level 2, which is for merchants that process 1 - 6 million credit card transactions annually.

PCI DSS, the abbreviation for Payment Card Industry Data Security Standard, is an international security standard developed by the PCI Security Standards Council, a non-profit organisation set up by credit card companies such as Visa, MasterCard, American Express, Discover and JCB.

The main target of PCI DSS is to ensure appropriate security protection measures are taken to protect clients’ information and property during credit or debit card payments.

To meet PCI DSS Compliance Level 2, Vietnam Airlines has to satisfy 12 groups of strict standards for its entire infrastructure system.

PCI DSS has four compliance levels based on the number of annual card transactions a merchant processes: Level 1 – over 6 million card transactions annually (usually for banks), Level 2 – 1 to 6 million transactions annually, Level 3 – 20,000 to 1 million transactions annually, and Level 4 – fewer than 20,000 transactions annually.

Earlier, Vietnam Airlines had achieved the PCI DSS certification for merchants with less than 1 million card transactions each year.