IATA PCI DSS - How to tell IATA that you do not use credit cards
Agencies that do not want to send PCI DSS confirmation to IATA and do not mind that they will not be able to add credit cards to the GDS, need to fill in this form and send it through the Customer Profile (BSP/IATA).
If I opt out of credit card form under New Gen ISS, do I have to be PCI DSS Compliant? If an agency does not process credit card transactions, the Travel Agency must submit a declaration signed by the authorized signatory of the Travel Agency. Such Travel Agency will not be required to provide compliance evidence, however this information will be kept on file and once New Gen ISS resolutions are effective in a country, the Credit Agency form of payment will be switched off.
Your CEE Travel Systems team