Independent OTA - No Carrier Endorsement

Real-time fares are sourced directly from live airline inventory via our supplier API. Prices include all taxes and are subject to change until the booking is confirmed.

PCI DSS Compliance, SAQ-D Program & End-to-End Secure Environment (Website + Call Operations)

My Flights Portal operates within a PCI DSS–aligned security and compliance environment designed to protect payment information and sensitive customer data throughout the complete service cycle—from online checkout to agent-assisted support. Our security program is maintained under SAQ-D compliance, which is the most comprehensive PCI Self-Assessment Questionnaire category and is typically associated with mature controls across technology, networks, systems, access governance, monitoring, and operational procedures. This reflects our commitment to a high standard of protection for cardholder data and a controlled payment ecosystem.

1) Secure-by-Design Website & Payment Environment

Our booking platform is maintained with layered security controls that support PCI expectations for a secure card-processing environment, including:

  • Encrypted transmission (TLS/HTTPS): Data in transit is protected using strong encryption to reduce the risk of interception or tampering.
  • Hardened configurations & secure baseline controls: Systems are maintained with security-focused configuration standards to reduce exposure.
  • Access control & least privilege: Administrative and operational access is restricted, permission-based, and managed to minimize unnecessary access.
  • Secure authentication and credential governance: Access is protected through strong authentication practices and controlled credential handling.
  • Logging, audit trails, and monitoring: Security logging and monitoring practices support visibility, detection, and traceability.
  • Patch and vulnerability management: Updates and remediation processes are implemented to address known weaknesses and reduce attack surface.
  • Secure development and change control: Website updates are managed through disciplined change practices to reduce deployment risk and maintain integrity.

2) Independent Scanning & Continuous Validation (ASV)

To support continuous security validation, our website and applicable internet-facing systems are periodically scanned by an Approved Scanning Vendor (ASV), Backbone Security, Inc. These external scans help identify vulnerabilities, insecure configurations, or outdated components so we can prioritize remediation and maintain a compliance-ready posture. Periodic scanning is part of a broader security lifecycle that emphasizes continuous improvement, risk reduction, and proactive defense.

3) Call-Centric Services with PCI-Aware Handling

We understand that travel bookings often involve call support, booking assistance, and post-booking servicing. Our customer support operations are maintained with PCI-aware procedures to ensure payment-related interactions are handled in a controlled and secure manner. This includes:

  • Controlled access to customer information: Role-based handling of data with operational safeguards.
  • Secure workstation and process discipline: Structured operating guidelines to reduce unauthorized exposure of customer details.
  • Minimization principles: Emphasis on limiting the collection and exposure of sensitive payment information to what is strictly necessary for service delivery.
  • Monitoring and quality procedures: Processes that support consistent adherence to compliance and security expectations during customer interaction.
  • Policy-based handling of sensitive data: Procedures aligned with secure servicing practices for itinerary changes, cancellations, refunds, and assistance workflows.

4) “Data is Safe All the Way” — What That Means

When we say your data is protected end-to-end, we mean our controls are designed to safeguard information across the full journey:

  • During browsing and checkout: Data is encrypted and handled within a controlled web environment.
  • During payment processing: Controls aligned with PCI DSS help protect cardholder data and reduce exposure.
  • During support interactions: Our call operations follow structured security guidelines intended to keep sensitive details protected.
  • During ongoing servicing: Security practices extend to post-booking support, record handling, and operational access management.

5) Compliance-Driven Culture & Operational Readiness

Our PCI DSS program supports a strong compliance foundation including: information security policies, training and awareness, incident response readiness, access governance, system monitoring, vulnerability remediation, and documented operational controls. These components are essential in maintaining an environment that prioritizes customer trust and the protection of payment data.

Summary

My Flights Portal maintains a PCI DSS–aligned, SAQ-D compliant environment covering both our online platform and call-centric service operations, supported by periodic external vulnerability scanning performed by ASV Backbone Security, Inc. This layered approach helps keep customer and payment information protected through secure transmission, controlled handling, continuous monitoring, and proactive vulnerability management—supporting a safer booking experience from start to finish.

Note: No system can be guaranteed 100% risk-free. However, our PCI-driven controls and external scanning practices are implemented to meaningfully reduce risk and support a secure payment environment across our website and support operations.

Phone +1-855-738-4269

Our Flight Experts are live 24/7. Your call will be handled by an agent at My Flights Portal, an independent, self-operated OTA. You can receive assistance with new reservations, existing bookings made with us, or general travel inquiries.