Guidelines from EMVCo can help improve e-commerce payment authentication for air travel, with hotel and car rental purchases to follow
15 July 2020 – EMVCo, the global technical body that facilitates the worldwide interoperability and acceptance of secure payment transactions, has produced guidelines on how the travel industry can provide data to payment card issuers to better verify the authenticity of an e-commerce transaction using current payment authentication processes.
The International Air Transport Association (IATA) and travel technology company, Amadeus, have worked extensively with EMVCo to detail how the travel industry can share travel data to improve risk-decisioning. Both contributors are part of EMVCo’s Associate Programme, engaging with the technical body across a number of payment topics.
“This work is an extension of EMVCo’s EMV 3-D Secure (3DS), a messaging protocol that promotes frictionless consumer authentication and enables consumers to authenticate themselves with their card issuer when making e-commerce purchases,” explains Junya Tanaka, Chair of the EMVCo Executive Committee. “The additional security layer can help prevent unauthorised e-commerce transactions and protect the merchant from exposure to fraud.”
The EMV® 3DS Travel Industry Message Extension guidelines specifically describe how travel industry merchants can provide additional travel-related data to issuers for use in risk-decisioning, for example, information about the ticket, itinerary and travellers.
“The new guidelines document has been designed to help meet the specific needs of the airlines and travel agents to reduce transaction fraud using current systems, minimising additional friction during the purchase experience,” says Tanaka. “Work has already begun to update the guidelines to support hotel and car rental e-commerce transactions.”
Christophe Kato, Head, Payment Services at IATA, comments: “The airline industry has always looked to prevent fraud and better protect its customers. The EMV® 3DS protocol helps make internet card payments more secure, while achieving a better balance between security and customer convenience by letting the card issuer know more details about the intended purchase. IATA is proud to have supported the industry in the drafting of this extension by providing the details of the specific airline ticket data that can now be forwarded to the card issuer at transaction time.”
“As EMVCo Associates, we immediately saw the benefit of extending EMV® 3DS authentication request messages with airline information,” adds Jean-Christophe Lacour, Head of Merchant Services, Payments at Amadeus. “The travel industry is somewhat different from other e-commerce businesses due to the prevalence of distribution channels and the complexity of booking several travel segments from different providers in one purchase. We worked together to examine specific travel use cases to understand the data transmitted at specific touch points. Being able to leverage existing data allows merchants to share more insight on travel transactions and supports issuers in fighting fraud while also reducing friction when processing travel payments. Right now, it’s even more important our industry combats fraud and keeps payment friction to a minimum. This new EMV® 3DS Travel Industry Message Extension from EMVCo will help achieve that objective.”
The EMV® 3DS Travel Industry Message Extension is available on a royalty-free basis for anyone to download from the EMVCo website. To find out more about EMV® 3DS, view resources on the EMVCo website.
– ENDS –
Notes to Editors:
About the EMV® Associates Programme (EAP):
The EAP provides anyone with an interest in EMV® technology with opportunities for dynamic and early engagement on specification development beyond those offered to the general public. Many payment community stakeholders are active participants within EMVCo’s initiatives and have a significant influence on the work efforts of the organisation. Find out more.