CONFIDENTIAL & RESTRICTED

Sharing PNRs &

Ticketing Documents
Security Rules to access the
PNR and ticketing documents

Introduction

What is unique with Amadeus system is that Travel agents and multiple Airline agents
can access to the same copy of the PNR and to the same e-ticket.

Amadeus security framework enables the record owner to set up specific security rules in
order to protect the access to these reservation records and to some data elements
pertaining to these records.

This document aims at explaining those rules and brings some light on who can access
them and on the possible rights for modification.

Note
This document focuses on PNR and ticketing documents access principles on the
Amadeus Platform for the Altéa Airlines and code share partners hosted in Amadeus
PSS: active PNRs, PNR history, archived PNR and ticketing documents.

For Travel channels using Amadeus GDS customers and Airline Distributed by Amadeus
GDS but not using Altea PSS, PNR and ticketing documents sharing capabilities are not
described in depth, only high-level principles.

Sharing PNRs & Ticketing Documents Page 1

Monday, 28 January 2019
 CONFIDENTIAL & RESTRICTED

General security principles

Amadeus Unique PNR notion

Common practice in the airline Industry and indirect distribution relies on the fact that
for travel agent bookings, the GDS holds a master copy of the PNR and airlines having a
segment present in such PNR is keeping its own copy in its PSS/Inventory system.

When multiple airlines are present in the PNR and in case of free flow code share, each
airline including the operating carrier has a partial copy of the Travel agent PNR in its
PSS system.

Synchronization between the different PNR instances is managed through messages

defined by IATA (AIRIMP).

Illustration

Amadeus specificity is to offer a PNR that is shared by all actors of the booking who are
working on the Amadeus platform (Travel Agencies on Amadeus GDS and Altéa Airlines).

Illustration

Sharing PNRs & Ticketing Documents Page 2

Monday, 28 January 2019
 CONFIDENTIAL & RESTRICTED

The booking source and the PNR participators have access to the PNR in read and write
mode, as soon as they are Amadeus users. This applies to both Altéa Airlines and
Amadeus GDS Travel Agencies.

This implies that all Altéa airlines participating to a trip (i.e. having segment(s) in the
PNR or operating code-share airline in case of code-share single PNR) have access to the
PNR.

Having a common booking record allows these actors having an operational efficiency.
However, the actors involved in the booking may not want to share all the booking data
between each other.

Therefore, the Amadeus platform is providing ways of controlling what can be shared or
not:

Amadeus PNR security applies in order to make sure that the right data is shown to the
right party.

PNR ownership notion

Even though legally speaking, Amadeus actors involved in the booking (Amadeus GDS
Travel Agency and/or Altéa Airlines of the itinerary), are all co-owners of the PNR, there
is as well a notion of PNR owner in the industry and hence, in the Amadeus Platform.

This “PNR owner” represents the entity responsible of the booking:

Both airlines and travel agencies can create a PNR. When a PNR is created by an entity
(airline or travel agency), it is owned by this entity.

Sharing PNRs & Ticketing Documents Page 3

Monday, 28 January 2019
 CONFIDENTIAL & RESTRICTED

Highlight
As soon as an end user can retrieve and display a PNR, the end user is as well
authorized to display the PNR history.

When a PNR is archived, the archived PNR can be retrieved by users who were
authorized to retrieve the PNR when still active.

Who can access the PNR?

Partnership principles
On top of these general security rules, Amadeus security framework enables to define
specific access rights between partners.

These partnerships can be set up to give the access rights:

 at Entity/Office level: the access rights will target all PNRs

 at PNR level: the access rights will target one specific PNR only

These access rights can be:

 No access
 Read only
 Read and Ticket
 Read and Update
 Change PNR ownership

PNR sharing between Amadeus users

As stated above, the booking source and the PNR participators (all Altéa Airline,
Amadeus Travel Agencies, and/or Altéa operating Partners single codeshare PNR), have
access to the PNR in read and write mode, however, it does not mean that all Amadeus
users share their PNRs by default:

 Amadeus GDS Travel agencies do not have access to PNRs owned by Airlines

 Altéa Airlines do not have access to Amadeus Travel Agencies’ PNRs, unless one
of their flight segment is or was present in the PNR at a point in time.

PNR sharing within an Altéa Airline

All offices of Airline(s) participating to the trip can, by default, view and update the PNR,
except changing the ownership of the PNR or adding security at PNR level (ES element):

Sharing PNRs & Ticketing Documents Page 4

Monday, 28 January 2019
 CONFIDENTIAL & RESTRICTED

only the Airline office owning the PNR is allowed to change the ownership of this PNR, or
add an ES element.

Indeed, Airline ATOs/CTOs (call centers and ticket offices) are by default sharing all their
PNRs as members of a same corporation, e.g. YY0.

This does not apply to offices with a corporate qualifier different from 0.

Partnership between two Altéa Airlines

Using the Amadeus PNR security framework, an Altéa airline is provided the capability to
grant PNR access to another Altéa airline even though this other airline has no segment
present in the itinerary.

Partnership between an Altéa Airline and an Amadeus GDS Travel Agency

The Altéa Airline or the Amadeus Travel Agency can set up agreements for PNR access
using the Amadeus Security framework.

What can be accessed in the PNR?

By default, when the entity (Airline or Travel Agency) is authorized to access the PNR,
most PNR elements can be viewed, modified or cancelled (Some elements can only be
created/modified by airline agents e.g. SK elements, other elements are specific to travel
agency only e.g. billing information).

However, the security and access levels depend on the type of PNR elements as detailed
below:

Security defined within the PNR element

Some security can be applied at element level, directly ‘’embarked’’ into the element.

It enables to define within the element at creation time, who can access this element, in
read and/or write mode.

Therefore, this element will only be accessible by the entity having the rights to view
and/or modify it.

For keyword (SK) elements, the security is managed through rules defined/managed by
the airlines at system level.

It is possible to define security within the following PNR elements:

Sharing PNRs & Ticketing Documents Page 5

Monday, 28 January 2019
 CONFIDENTIAL & RESTRICTED

Contact elements

Email address (APE)

In addition, to the security defined within the APE element restricting the access to the
specified offices only, the email address can be kept confidential and hence be restricted
to any other Amadeus offices than the office creator.

For more information, please refer to HE APE, MS 316

Notification contact (APN)

The APN element can be created by either an Airline office or a Travel Agency office.

By default, if no office is specified within the APN element, any office accessing the PNR
will be able to view and modify the APN element.

Otherwise, the APN creator can specify which offices, from its own corporation or not,
can view and/or update the element.

In this case, the APN element will be accessible by the office that created the security
parameters and by any office matching one of the office(s) listed within the APN element

For more information, please refer to HE APN, MS 211

Remark elements

General remarks (RM, RM* -except RM*ACC-)

General remarks are, by default, visible to all users who have the authority to view the
PNR, except when security is set within the remark by specifying an office id or a
corporate family or a list of office ids or office(s) who has/have an agreement with the
office(s) specified within the remark element.

For more information, please refer to HE RM, MS 610

Confidential remarks (RC)

Confidential remarks can only be viewed/modified by designated offices upon PNR
retrieval.

Access to confidential remarks can be extended to office(s) who has/have an agreement

with the office(s) specified within the remark element.

For more information, please refer to HE RC, MS 127, MS 190

Itinerary & Invoice remarks (RI)

Itinerary & Invoice remarks are used to customize documents printouts such as the
invoice, itinerary.

Sharing PNRs & Ticketing Documents Page 6

Monday, 28 January 2019
 CONFIDENTIAL & RESTRICTED

Itinerary & Invoice remarks are, by default, visible to all users who have the authority to
view the PNR, except when security is set within the remark by specifying an office id or
a corporate family or a list of office ids or office(s) who has/have an agreement with the
office(s) specified within the remark element.

For more information, please refer to HE RI, MS 85, MS 715

Option elements

Auto Queue Placement Confidential option (OPQ)

This Confidential Option element allows Altéa Airlines to control their PNRs. With the
addition of this element, the Airline can queue-place PNRs for action without the agent
being able to see the content of the field.

The OPQ element is confidential, and it can only be entered by authorized Airlines.

By default, it can only be viewed and cancelled by:

 the creator’s office,
 and/or offices belonging to the same corporate family,
 and/or offices having agreement with that corporate family.

Otherwise, by specifying an office Id, or a corporate id within the element, the creator of
the element can decide which offices can view and remove the element.

Auto Cancel Confidential option (OPX)

Airline offices can add an OPX element to the PNR so that on a specified date, all their
Airline itinerary elements are automatically cancelled.

Defining an office id or an Airline Corporate family within the OPX element will allow
specified entities to view/cancel the OPX element.

For more information, please refer to HE OP, MS 337

Other PNR elements specific security

Special Keywords
Special Keywords elements (SK) enable airlines to use their own in-house keywords and
add them to the PNR in a similar manner to SSR and OSI elements, whenever a non-
standard AIRIMP codes needs to be used.

Special Keywords are defined in the Airline Keyword Table, allowing to store airline-
specific keywords and their associated rules.

Security to manage and share Special Keywords and their content can be:

 At Entity/Office level: managed by agreements between Airline offices

Sharing PNRs & Ticketing Documents Page 7

Monday, 28 January 2019
 CONFIDENTIAL & RESTRICTED

o The access of keywords in a PNR can be granted or restricted to selected

offices, in Read/Write or Read only mode

 At a specific Keyword definition level: managed in the Keyword Table

o Which offices have the right to add and display an SK element in a PNR

o Specific access to office owner to view and delete the SK element when
present in the PNR

Credit Card number concealment

Credit card numbers are concealed to comply with the PCI-DSS standards.

Sharing PNRs & Ticketing Documents Page 8

Monday, 28 January 2019
 CONFIDENTIAL & RESTRICTED

Who can access the Ticketing documents?

General access rules for ticketing documents
These general rules apply for the TST (ticket image created before issuance linked to the
PNR), the e-Ticket and the EMD.

 When the Airline is the validating carrier:

All agents (from the validating airline) can access tickets and EMDs, no matter who
has created the booking.

 When the Airline is the operating carrier (Single Codeshare and interline PNRs):
All agents can access tickets and EMDs,

 The display is restricted compared to the validating carrier view. By default, coupons
for which the airline is not operating will not be visible by its agents: the operating
carrier can only see the coupons related to the operated flights & services.

In case of private or negotiated fare, the validating carrier can hide the fare in the
TST to other carrier at partner level. To do so there is setting in Ticketing
Configuration Manager. User guide available in the Service Hub portal.

 For Airlines owned PNRs, Travel Agency offices can access Airline’s tickets and EMDs
only if the Airline has setup specific agreements using the Amadeus security
framework.

 Similarly to PNR extended security element (ES), Ticket, TST, EMD access for one
specific PNR can be granted (ES-T).

TST accessibility
PNR access rights also include access to the TST:

 An agent having read only rights to the PNR will have read only to the TST. This
means that the user will not be able to manually modify the TST, nor reprice,
rebook/reissue the PNR.

 An agent having read and write access rights to the PNR, will also have read and
write access to the TST. This means that this agent will be able to manually
modify the TST, and/or reprice, rebook/reissue the ticket (As office might be
different, the fare may also change resulting from a different pricing).

E-Ticket accessibility
Validating carrier has always access to the e-ticket.

By default, in case of codeshare or interline,

- The marketing carrier has access to the e-ticket

- The operating carrier has access to the e-ticket if participating to the itinerary

Sharing PNRs & Ticketing Documents Page 9

Monday, 28 January 2019
 CONFIDENTIAL & RESTRICTED

Airlines can set up their access agreements at entity/office level using the Amadeus
security framework.

E-Ticket accessibility (including Fare & Pricing information) can also be granted at PNR
level. In this case, the user will have the possibility to ticket the PNR.

A specific access for Ticketing only is also available for Airline ATO/CTOs and Travel
Agency offices.

When travel agent creates and issues the ticket, the travel agent has access to the
ticket.

TST is accessible as soon as PNR access has been granted, E-ticket is accessible only if
DCB EOS has been set.

Sharing PNRs & Ticketing Documents Page 10

Monday, 28 January 2019