Encryption is the process of scrambling data so only parties with the correct key can read it. In payments, encryption is used in transit (HTTPS/TLS, point-to-point encryption on card readers) and at rest (database encryption, tokenisation of card numbers). PCI DSS sets out the encryption requirements that apply to card data inside the cardholder data environment.
Travel payments glossary
Encryption
The process of scrambling data so only authorised parties can read it.
Why it matters in travel
Travel businesses handle card data across web checkouts, mobile apps, phone bookings, payment links and on-tour terminals. Strong encryption is the baseline that lets the business keep PCI scope contained and protect customers from data theft.
Encryption is one of the few areas where the cost of getting it wrong is wholly disproportionate to the cost of getting it right. A breach of card data — even a small one — ends in PCI-DSS sanctions, scheme fines, customer notifications and reputational damage that outlasts the incident by years. The baseline cost of strong encryption is trivial against that risk.
The travel businesses that take encryption seriously assume every system that handles card data will eventually be probed and design accordingly: tokenisation at the boundary, point-to-point encryption on card readers, key rotation that does not need a fire to remember. The businesses that economise on encryption discover the cost asymmetry the hard way.
How felloh helps
felloh handles card data through encrypted and tokenised flows so the underlying card number never sits in travel-business systems, while booking-level payment context stays available for finance and operations.
Where this shows up in compliance and protection.
Encryption touches more than one workflow at felloh. Start with the pages most travel teams reach for next.
- Compliance & Reporting
Prepare ATOL, APC, trust and audit evidence from live booking data — without a separate reporting layer.
Explore - Simplify ATOL & Trustee Reporting
Trust, escrow and protected-funds evidence drawn from the same record as the underlying payment.
Explore - Financial Protection Data
Authentication, settlement and protection evidence held against the booking for audit and regulator queries.
Explore
More on compliance and protection.
Real-world context from the felloh team and customers, written for travel finance and operations.
-
InsightsChanges to ATOL’s APC: what could it mean to your travel business
ABTA's latest update on ATOL reform — where the direction of travel is heading, and what APC Levy changes could mean for travel businesses.
Read article -
InsightsMaking ATOL renewals less painful: practical insights from TTC and felloh
Why ATOL renewals are getting harder — and how better payment visibility and connected data help travel businesses prepare with confidence.
Read article
Connect the dots.
See how payments, settlement, refunds and reporting evidence connect around every booking.