Planned My ARC System Maintenance February 9 and 16
My ARC, including all tools and products, will be unavailable on the following two Sundays, February 9 and 16, 2020 from 1:00 a.m. until 7:00 a.m. (EST). During these times, you will be unable to access My ARC, including Memo Manager and IAR. Theses full system outages are required to perform crucial system and software updates.
We realize that any system outage may be an inconvenience, but ARC is committed to providing a safe and secure operating environment. The Sunday dates and early morning hours were purposely selected to minimize the impact to most My ARC users. Your understanding and patience are appreciated as we improve and upgrade ARC’s systems. Please share this information with others in your organization that may be impacted.
Great Lakes Aviation Voluntarily Deletes from ARC
Great Lakes Aviation (ZK/846) has announced it will voluntarily delete from ARC effective Monday, February 3, 2020 (PED 02/09/2020). Should you have any questions, please contact ARC’s Customer Care Center at 855-816-8003 or firstname.lastname@example.org.
Airlink Now Accepts Visa and MasterCard
Effective with sales issued on Monday, February 3, 2020 (PED 02/09/2020), Airlink (749/4Z) will begin accepting Visa and Mastercard as forms of payment through ARC.
CemAir Now Accepts American Express
Effective with sales issued on Monday, February 3, 2020 (PED 02/09/2020), CemAir (225/5Z) will begin accepting American Express as a form of payment through ARC.
Memo Manager Moving to New Platform
As the industry’s go-to source for memo processing and payment, Memo Manager is evolving to proactively ensure the integrity of its system and data. Starting February 13, the online tool will leverage a new platform to enhance technology efficiencies. Users of Memo Manager will not experience any service interruptions or functionality changes as a result of this migration. However, users may notice a slight difference in the product’s appearance.
If you have any questions about this product migration, please contact ARC’s Customer Care Center at 703-816-8000 or email@example.com.
GDS Best Practices to Prevent Fraud
ARC has identified the return of a fraud scheme, first identified in 2017, in which a fraudster gained unauthorized access to a GDS, which allowed them to remotely bridge into a second agency to issue tickets. To help deter or prevent future unauthorized access incidents, ARC recommends that each agency review their GDS access controls to tighten security.
The following tips, outlined below, may help reduce an agency’s exposure to fraudulent activity:
- Obtain references and conduct a due diligence or background check on each employee or contractor.
- Consider requiring employees and contractors to sign a “hold harmless” indemnification agreement, making them liable to the agency for any transaction issued on their user login credentials.
- Purchase errors and omissions insurance for your agency that provides liability coverage for cyber theft, unauthorized ticketing, stolen tickets and credit cards, etc.
- Review your GDS systems, users and login credentials frequently to determine whether any bridges or links exist, and whether they are still required.
- When an employee or contractor is terminated, immediately revoke that person’s access to your computer systems and the GDS.
- Disconnect bridges and all other links or connections between accounts no longer in use.
- Restrict each GDS user’s level of access to only necessary privilege. For example, cruise-only agents may only need access to view or book.
- Review each account’s level of access frequently (e.g., “look and book access,” “book and ticket access”) and adjust or restrict as necessary.
- As a best practice, ensure strong passwords are used to log into your agency’s workstations and laptops. Apply a rule that requires a password change at least every 90 days.
- Consider implementing two-factor authentication to access your GDS. Contact your GDS provider for more details.
- Smaller agencies may want to turn off ticketing ability for the hours they are not open. Contact your GDS provider for more details.
- Review ticketing queues every day, including weekends and holidays.
- Review bookings on a daily basis and validate that they have been created for legitimate customers.
- Look for tickets that are not typically issued by your agency, such as international cash sales with immediate departures.
If You Suspect Unauthorized Ticketing or Access
- Immediately void the ticket(s) through your GDS to obtain an ESAC code.
- Notify the affected airline.
- Cancel the PNR or return segments, if the outbound trip has already been flown.
- Contact your GDS to report compromised IDs, pseudo city codes (PCCs) or passwords and ask for immediate assistance to prevent additional unauthorized ticketing or access.
Note that each GDS will have its own security and fraud guidelines. It’s recommended that you familiarize yourself with those guidelines and apply them to safeguard your business.
At ARC, we are committed to reducing fraud against travel agencies. Please report all fraud incidents to firstname.lastname@example.org, or call 855-358-0393.
Tip of the Week: Saving and Ignoring Modifications in IAR
What should you do if you are modifying or adding a transaction in IAR, but no longer want to save those changes? Just select the Ignore button instead of ET.
Selecting “Ignore” allows you to exit the transaction without saving any changes. When “Ignore” is selected, a basic confirmation message prompting you to confirm your intent to ignore will be displayed. If you select “Yes,” any changes made will be lost and the transaction will be returned to the IAR database in the same state as when it was initially retrieved. If you select “No,” you are returned to the most recent screen accessed and any changes you made will still be present. When adding a new transaction, selecting “Ignore” means that no action will be taken and the transaction will not be added to the sales report.