Technical Body Supports Travel Sector’s Fight Against Transaction Fraud

July 15, 2020

Guidelines from EMVCo can help improve e-commerce payment authentication for air travel, with hotel and car rental purchases to follow

 EMVCo, the global technical body that facilitates the worldwide interoperability and acceptance of secure payment transactions, has produced guidelines on how the travel industry can provide data to payment card issuers to better verify the authenticity of an e-commerce transaction using current payment authentication processes.

The International Air Transport Association (IATA) and travel technology company, Amadeus, have worked extensively with EMVCo to detail how the travel industry can share travel data to improve risk-decisioning. Both contributors are part of EMVCo’s Associate Programme, engaging with the technical body across a number of payment topics. Input was also received from Expedia on these new guidelines.

“This work is an extension of EMVCo’s EMV® 3-D Secure (3DS), a messaging protocol that promotes frictionless consumer authentication and enables consumers to authenticate themselves with their card issuer when making e-commerce purchases,” explains Junya Tanaka, Chair of the EMVCo Executive Committee. “The additional security layer can help prevent unauthorised e-commerce transactions and protect the merchant from exposure to fraud.”

The EMV 3DS Travel Industry Message Extension guidelines specifically describe how travel industry merchants can provide additional travel-related data to issuers for use in risk-decisioning, for example, information about the ticket, itinerary and travellers.

“The new guidelines document has been designed to help meet the specific needs of the airlines and travel agents to reduce transaction fraud using current systems, minimising additional friction during the purchase experience,” says Tanaka. “Work has already begun to update the guidelines to support hotel and car rental e-commerce transactions.”

Christophe Kato, Head, Payment Services at IATA, comments: “The airline industry has always looked to prevent fraud and better protect its customers. The EMV 3DS protocol helps make internet card payments more secure, while achieving a better balance between security and customer convenience by letting the card issuer know more details about the intended purchase. IATA is proud to have supported the industry in the drafting of this extension by providing the details of the specific airline ticket data that can now be forwarded to the card issuer at transaction time.”

“As EMVCo Associates, we immediately saw the benefit of extending EMV 3DS authentication request messages with airline information,” adds Jean-Christophe Lacour, Head of Merchant Services, Payments at Amadeus. “The travel industry is somewhat different from other e-commerce businesses due to the prevalence of distribution channels and the complexity of booking several travel segments from different providers in one purchase. We worked together to examine specific travel use cases to understand the data transmitted at specific touch points. Being able to leverage existing data allows merchants to share more insight on travel transactions and supports issuers in fighting fraud while also reducing friction when processing travel payments. Right now, it’s even more important our industry combats fraud and keeps payment friction to a minimum. This new EMV 3DS Travel Industry Message Extension from EMVCo will help achieve that objective.”

The EMV® 3DS Travel Industry Message Extension is available on a royalty-free basis for anyone to download from the EMVCo website. To find out more about EMV 3DS, view resources on the EMVCo website.


Categorised in: