Barich, Inc.

The Transportation Research Board (TRB) commissioned a quick response project to provide a resource digest of background information on the data protection requirements for Payment Card Industry Data Security Standards (PCI DSS) and its applicability to the airport environment. Barich, Inc. under the direction of an Airport Cooperative Research Program (ACRP) panel, conducted the research, developed the outline, and produced the digest presenting PCI DSS and the impacts that an airport needs to consider when reviewing their credit data retention policies and the systems the process transactions using credit cards. The research was conducted through interviews and surveys with airports of varying sizes, discussions and communication with payment card industry experts, publication reviews, and discussions with panel members on the subject matter.

The primary objectives of the digest can be summarized in the following items:

• Provide a basic introduction of the PCI DSS compliance requirements, audit considerations, and validation methods
• Present the potential airport business entities that may need to consider PCI DSS compliance requirements
• Introduce PCI DSS considerations on the Common Use environment
• Present guidelines and resources for airport use

The project was completed on time and within the budget set. The resulting digest was published October, 2010 and is available as a resource on the Transportation Research Board website as Research Results Digest 11: Helping Airports Understand the Payment Card Industry Data Security Standard (PCI DSS).

Airport Cooperative Research Program

Bob Hope Airport

Phoenix Sky Harbor International Airport

San Antonio International Airport

San Diego International Airport

San Francisco International Airport