Ypsilon.NET AG

Ypsilon PCI DSS Proxy Solutions

A lot of online agencies, tour operators or consolidators, car and hotel suppliers store sensitive payment details in their environment without securing the data in a safe environment and without being PCI DSS certified. They usually do not have the knowledge nor the Resource (IT or financial) to tackle such a certification.

Ypsilon provides PCI DSS Token proxy solution in order to allow travel companies to operate in compliance with the PCI DSS standards.

The Ypsilon „Norris“ secure storage provides a set of network proxies that filter network messages and remove or add sensitive payment information to these messages and replaces them with neutralized tokens. (Tokens are randomly created unique identifiers composed of numbers and letters and are not mathematically reversible. Tokens are totally useless for hackers.)

It is able to handle all sorts of network protocols such as http/https or travel industry specific protocols such as the proprietary Start/Toma protocol, as well as a wide range of payload types such as REST, XML, SOAP or a simple HTTP POST request.

These components are used to ensure that the infrastructure in question (the Target Company), does not store any sensitive data, simplifying or completely avoiding a PCI-DSS certification.

Fraud Prevention & management

Skimming, Phishing, Identity theft, application Fraud, Account takeover, carding, CNP fraud, Bin attack etc. Fraud amounts to billions of losses and is major threat to agencies, OTAs, airlines and the travel industry in general. Airlines alone suffered a loss of $1.48 billion worldwide in 2010. Charge backs and ADMS can go in thousands of euros per Booking and create substantial financial damages.

Ypsilon.Net AG connects payment services and fraud prevention system to all major GDS and airline CRS. Fraud management or payment validation can be directly related to a reservation system in order to act on the booking based on the fraud scoring or payment acceptance. Our automated fraud prevention system is specifically designed for the travel industry as we believe that the information and process are completely different than for the regular retail sectors.

The fraud pattern recognition can be adapted to the specific customer needs and markets. Rules can be precisely defined based on over 250 metrics as well as internal and external modules such as black and white lists, customer solvency information, Perseuss data, Ethoca alerts etc..

Scoring results are presented graphically in the back office module and can be linked on request to GDS or CRS commands such as individual queuing, insertion of remarks or OSI, cancellation of booking, modification of segment status, removal of seating assignment for short term departure and more.

LCC, GDS, Charter & Conso XML API

The XML API interface provides access to the full content of the Ypsilon booking engine.

One common source of content for all GDS, low-cost carriers, charters and consolidated net fares. The focus of data exchange is set on providing information for the flight booking process. In addition, information about completion of bookings is also provided. It provides access to the full GDS air content, consolidator Net fare, low-cost carrier content and charter flights.

Due to the fact that the Ypsilon XML Pro is based on officially standardized and modern technologies such as HTTPS and XML, it extremely easy to implement.

Various knowledge sources can be found in the internet for the development of client applications. The XML API offers content from all major GDS, over 180 low cost carriers, charters, web fares, direct connect fares and consolidator fares.

The API provides a full blown search and booking capability, from availability and pricing request to booking request. The XML API is GDS independent and is offered as SaaS “software as a service”. It does not require any hardware on the customer side.