Secure Long-Term Credit Card Storage with Tokenization & CVV Auto-Expiration
Direct Tortoise
Managing client payments is a core function of every travel advisor’s workflow. Today, Tern deletes full credit card details every 30 days.
While this approach avoids the complexity of PCI custodial compliance, it significantly disrupts ongoing client servicing — particularly when we need to authorize multiple payments over longer planning cycles (cruises, tours, airfare, insurance, etc.).
We are requesting the implementation of a PCI-DSS compliant card vault solution with:
Encrypted storage + tokenization of card numbers
Access logs and permissions to protect against misuse
Automatic CVV expiration, as required by PCI standards
Display of a masked card number for confirmation (* *** 1234)
Valid retention of stored cards until expiration or client removal
This approach is widely used in other travel CRMs and across the subscription economy. It allows agents to securely key cards into supplier systems (e.g., cruise lines, tour operators) while maintaining full client approval and documentation — which does not create any additional chargeback risk for Tern.
We fully understand this would require development and additional PCI certification investment.
This feature directly impacts our ability to efficiently serve our clients. Storing card data only to be deleted monthly results in repetitive requests that diminish client experience and trust.
This enhancement would keep Tern competitive with other leading CRMs in the travel industry.
If implemented, this would be a game-changing quality-of-service improvement for all Tern users and their clients — and would undoubtedly increase adoption and retention of Tern as a long-term CRM solution.
Thank you for considering this important evolution of the platform.