Flybe encrypts customers’ credit card details

Low-cost airline Flybe is encrypting customers' credit card data and consolidated reports about network traffic and security incidents to comply with the Payment Card Industry's Data Security Standard.

Flybe has 20 million visitors a year to its website, and it takes 85% of its bookings for its 7.5 million passengers a year over the internet. It will use RSA's enVision technology to monitor incoming and outgoing database traffic and report exceptions from more than 2,000 terminals.

Chris Cooper, Flybe's IT security manager and PCI project leader, said the move was part of a pre-existing plan to upgrade network and information security. "It was integral to our plan to integrate all information messages to a single control point," he said.

Logs from Flybe's intrusion detection and prevention systems will go through the enVision tool for analysis and response to exceptions. Cooper said the growth of the business had considerably increased the volume of data flow. This meant the company had looked for a highly scalable system.

Matt Linsey, head of Flybe's IT services, said the airline industry is especially sensitive to security issues. "It was not hard to convince the board once we had explained the business case for the system," he said.

Flybe worked with systems integrator Gradian on the implementation.