Payments in omni-channel environment – what to watch out for in 2016
Ai’s Ritesh Gupta takes a detailed look at 13 key issues and developments, including IT infrastructure, NDC, data strategy, fraud, security etc. that airlines need to keep a tab on.
Mobile wallets, wearables, QR codes, in-store, self-pay kiosk, PC, tablets, bitcoin…the list of existing and emerging touchpoints and encompassing technology that can facilitate a transaction continued to get prolonged in 2015.
On top of this, the possibility of identifying a passenger every time they get in touch with a brand is forcing airlines, OTAs and the travel sector on the whole to go for a flawless payments strategy.
And the story doesn’t end there.
Customer experience, backed by data and analytics, is just one aspect. So if the choice of payment just the way a traveller needs is one side, evaluating legitimacy and tackling fraud in real-time is the other side.
So in 2016, airlines would need to act swiftly to keep up with the pace of change in this arena. Here we explore top developments and issues that are important for offering a sublime experience and fraud management:
Changing payment landscape: In its recent report titled, Omni-Channel Banking The Digital Transformation Roadmap , Efma & Backbase referred to disruptive climate of banking.
The report referred to what the likes of Apple (in possession of most consumer credit cards, growing iTunes ecosystem and Apple Pay), Google (Android Pay, sending money via Gmail) and PayPal (handling more international transfers than the top five banks put together) are up to.
There is a need to keep an eye on the functioning of banks, too. It is being highlighted that these organizations are currently in the experimentation or deployment phase of their omni-channel strategy.
Follow Ai on Twitter: @Ai_Connects_Us
Outsmarting a fraudster with machine learning
Machine learning automatically learns about new fraud patterns in real-time. Can it help in combating fraud? Ai’s Ritesh Gupta finds how it deals with fraudsters
Travel brands are keenly looking at fighting fraud, revenue leakage and also curtailing associated costs.
In the era of omni-channel commerce, where airlines and OTAs need to embrace various forms of payment methods, companies face fraud on multiple fronts: on top of credit card fraud, merchants must deal with fraudulent accounts, abuse of promotional codes, and spammy content on their websites, like fake reviews or phishing messages. So how to keep a tab on such bad online behavior?
As a specialist, Jason Tan, CEO, Sift Science says machine learning is supremely suited to catching all of this.
“Think about how much customer data travel companies have access to: email addresses, billing and shipping addresses, phone numbers, device fingerprints. You also have behavioral data: the actions a user takes on your site, like where they click and what selections they make,” says Tan, who presented during Ai’s The Airline & Travel Payments & Fraud Summit, held recently in Fort Worth, Texas.
Machine learning can quickly and efficiently digest information to identify patterns, so you can start to tell a story about who your users are and what their intent is. When patterns of real-time fraud are mapped against examples of past fraud, merchants can accurately predict when they’re seeing a good shopper or a malicious one – so they can block the fraudsters, or make it easier for good customers to buy.
For example, as Tan says, Amazon uses machine learning to identify its good users and offer them 1-click checkout – a completely frictionless experience.
Missing the bus
Tan categorically says if travel companies aren’t embracing machine learning for identifying the profile of fraudsters, then they're missing out on effective fraud prevention.
“Travel companies that resist implementing machine learning could instead be experiencing increased sales and better conversion rates by taking advantage of automation. You can use machine learning to create smart and dynamic checkout flows, where known good users can fly through purchasing, while additional friction points (in the form of cardholder verification) can be added for suspicious users,” he says.
Machine learning enables companies to automate aspects of fraud detection and make quicker decisions. Less time spent on manually reviewing orders means that companies reduce their overhead costs and can pass those savings along to their customers.
Consumers booking travel online expect their reservations to go through immediately. Travel companies don’t have the luxury of time; they need to automate parts of their fraud-detection process to stay competitive.
The team at Sift Science referred to several examples:
Dealing with a fraudster
The most effective machine learning applications can take in and return information instantaneously, says Tan.
Sift Science’s “secret sauce” is its network of customers that send terabytes of data to its servers.
“That means all of our customers can benefit from the same learnings – for example, if we detect a fraudster on one site, that user’s Sift Score (a measure of riskiness) will instantly update across the entire network, so other businesses can block him. This feature enables companies of all sizes and of all locations not only get an individually tailored fraud prevention system, but also stay ahead of new and changing fraud patterns as their customer base grows,” explained Tan.
The data that companies choose to share should be based on their unique businesses and needs. There will be some common fields like departure destination that whole industries share, but there may also be company-specific data.
Global players like Airbnb and HotelTonight are able to use any data points that they already collect in order to benefit from machine learning for fraud. Details like stay length, airplane seat selection, and travel route can offer insights on top of more obvious ones gained from personal traveler information. A flexible machine learning system can take any data you throw at it.
As for visualizing fraud connections, Tan says a bad user might be testing hundreds of credit card numbers or have thousands of fake accounts on your site. “Using the data pulled from every order or transaction sent to Sift Science, we map out the suspicious signals that any given user or order shares with others.”
These connections help to identify why a user might be fraudulent, as well as allow merchants to proactively block users linked to past bad behavior.
It is imperative for travel companies to ensure that attacks don’t affect credit card data as well as any other personal passenger data.
Unfortunately, it’s getting harder and harder for companies to “ensure” that data stays secure.
Data breaches will soon be the new normal, says Tan.
“Although machine learning can’t stop hackers (yet), it can help travel companies ensure that stolen data isn’t successfully used on their sites. Employing a machine learning solution can actively identify suspicious behavior, and prevent a chargeback for the merchant, and a painful fraudulent purchase for the victim,” said Tan, answering a vital question.
One of the best things about using machine learning is that it automatically learns about new fraud patterns in real time so you don’t have to keep close tabs on new tactics. Travel brands rely heavily on online transactions, so there is also a need to watch out for new travellers from new locales. Travel brands need to be mindful that new geographies come with different types of fraudsters and fraud patterns. A pattern may be normal in one region but fraudulent in another, said Tan. Of course, you can’t just block every new traveler; that would be a quick way to lose legitimate business. But leveraging big data to weed out the bad users wielding stolen credit card numbers is key.
NDC is fine, but are airlines ready to offer a better payment experience?
Ai Editorial: One transaction for a trip, but having separate payment record of each trip element involving a different supplier isn’t an ideal story. Are airlines ready to handle this, especially in the context of traditional card payments, in the NDC era? Ritesh Gupta finds out
The objective of being in control of what a carrier intends to sell sounds like a pragmatic idea. As data-driven personalisation becomes the norm, every airline understandably would like to offer its differentiated, unique product and at the same time something that matches the intent of the traveller, too. Also, airlines have been considering the possibility of making personalised offers to agencies without them being prepared by an intermediary by following the NDC standard.
Payments landscape – dealing with inevitable complexity
There are several dimensions that need to be considered as airlines move toward selling products in a different way. One of the most complicated aspects that need to be addressed is the authorization and settlement of a transaction. Considering the complex payments landscape, it isn’t going to be a straightforward process to optimize the payment experience.
It’s true that the scenario where a traveller shops trip essentials (such as airline seat, car rental, insurance etc.) on one site and pays multiple merchants in a single checkout session isn’t new.
There are certain aspects of travel that are being streamlined. As it recently emerged, IATA’s One Order industry-led initiative is “intended to modernize the multiple and rigid booking, ticketing, delivery and accounting methods with a single, flexible order management process”. According to the association, accounting “will be based upon workflow of a single order, bringing the industry closer to standard retail accounting principles”.
As for the passenger, the plan is to simplify the experience as travelers will no longer need to juggle between different reference numbers and documents. All they will need is their order reference number to be easily recognized and served by all.
This ideal cart checkout scenario will create complexity for an airline which must now accept the liability associated with the delivery of the various services being bought. Travellers will appreciate the single cart experience but they will also expect the airline, as the merchant of record for the sale, to service their complaints when a service is not delivered as expected. This is where there is room for improvement, says Global Collect's Laurie Gablehouse, a travel payments specialist.
Payment experience – far from being optimized
Let’s imagine a situation. Say you have shopped for US$1500 for your next trip. You have paid $1000 for your air ticket and $500 for your hotel stay. You completed shopping on an airline website at one go. As it turns out, the details of these two components would need to be tracked separately, with separate bills at your disposal.
It’s just the way the world of merchants, acquirers, issuing banks and card schemes work.
A lot happens when our card details are used for a transaction. Several stakeholders come into play as our transaction is converted into an invoice. As it stands, without these stakeholders, a transaction can’t be done. So imagine a scenario where each travel supplier has its own acquirer, and how the world of authorization and billing eventually shapes up today!
“Yes, the liability for the order is why the payment process works in this way.” says Gablehouse, referring to the current scenario.
Considering that there are two parts to a transaction – authorization, and clearing and settlement, where can the situation be improved?
Gablehouse states that it isn’t a technology issue; it’s just the functioning of this sector that is hard to fiddle with. A bank expects the merchant who accepts the payment to be the responsible party for the collection of the funds. If the consumer decides to reverse the payment AFTER the services have been delivered then the merchant is left with the loss. If this was not a service the airline was responsible for delivering, then there must a legal means of recourse to be reimbursed by the third party provider.
Authorization commences when travellers presents their respective cards to the merchant for shopping. In a matter of few seconds, checks pertaining to fraud and credit line are supposedly done, and a decision is taken. Post this there is a contractual obligation pertaining to payment and a product/ service being bought. So where can changes takes place in order to sort the issue of a traveller receiving one payment detail?
Interchange is the clearing and settlement mechanism that transfers data between the card processor and the issuing bank. There is an opportunity for card schemes to help the industry, improving the situation at the back-end, says Gablehouse. The back-end requirements are where this single order ides is quite fragmented, she says.
Here the situation is expected to be better in case of alternative form of payments such as digital wallets.
The idea of having one generic merchant id
The scenario can evolve by working with card schemes and identifying means for the airline or merchant if they could authorize $1500 as a total and not as $1000and $500. They are being billed separately as we don’t have the standards to allow for the single authorization for two different merchants. In order to settle $1500 settle at one go, authorization needs to be a single, bundled amount, says Gablehouse.
Hypothetically, Gablehouse says a single generic merchant id could be used to obtain the authorization for the entire sale. This is not something that the card schemes and banks should consider as a means to facilitate the process. This would also require changes to the settlement to ensure that the individual merchant ids could be used for settlement. In the ideal scenario, there should be multiple acquirers which eventually see the settlement file containing all components of shopping when a card scheme processes the billing. This would in turn simplify our payment experience if we were to book more than an air ticket with multiples services from an airline.
Ai Editorial: Airlines need to refine their fraud management tactics as well as work closely with travel agencies to reduce chargeback levels. Ai’s Ritesh Gupta learns how
Managing credit card fraud is an ongoing process for airlines, and keeping a tab on fraudulent transactions coming in via travel agencies remains a critical issue.
In fact, airlines list fraud-related issues associated with third party channels as a major challenge till date.
As airlines put smarter tools in place to detect fraud, fraudsters also get smarter; they move from one channel to another until they find the “unprotected front”.
“We already see airlines who can deny a transaction in their call centers if it comes from a customer who has already been rejected on their website,” says Celia Pereiro, Head of Travel Payments at Amadeus. “Airlines should extend this multi-channel approach to an omni-channel one, which includes a single repository for all travel data regardless of the channel.”
And negligence or being ignorant wouldn’t help at all.
“If airlines consider that, in view of IATA Resolution 890, payment fraud committed via a travel agent is not airlines’ concern (those airlines) may be missing the full impact of fraud,” says Pereiro.
She says regardless of who is liable for the cost of the chargeback, airlines, as the merchant of record, are still liable for processing, investigating and resolving the chargeback; moreover, the airline will never recover the bank fees incurred when they processed the payment in the first place.
For its part, Amadeus has developed a solution that will allow airlines to implement a fraud detection mechanism before authorization and ticketing issuance, saving both manual intervention and costs.
Points to consider
For bookings that require a further review, airlines can make a decision based on information and either accept or deny that booking. “If an airline decides to deny the booking and the ticket has already been issued, then we’re able to automatically void the ticket, therefore maximising effectiveness and reducing the manual workload,” says Pereiro.
The prevalent situation
Nowadays the earliest airlines can detect fraud is usually after the ticket has been issued, says Pereiro. Today, airlines can have internal processes in place or rely on a third party to screen all bookings coming via the travel agency channel. All this, though, ends up being costly as it involves heavy manual intervention and clearing up to be done when a payment is detected as fraudulent. This is however the best case scenario, says Pereiro.
Most commonly, fraud is detected at settlement time by the airline’s bank, which is then reported to the airline as a chargeback. Then the costs add on, making the ticket cost only one component of the total cost of a fraudulent sale.
The worst case scenario is when airlines take a binary approach to fraud controls; for example blocking transactions from entire countries or regions– rejecting valid transactions as a result. Assuming that the false positive rate is 5%, then even small airlines could be missing out on hundreds of thousands of dollars’ worth of revenue. To be able to realise these savings airlines should consider smarter anti-fraud solutions which uses the traveller data at their disposal to check for indicators that a transaction is fraudulent or not. For example, historical data which shows that a traveller has a history of making similar trips – even on different airlines – would add significantly to the accuracy of fraud checks.
So what happens when an alert surfaces that stops a ticket from being issued when payment is detected as fraudulent?
Pereiro explains: when a transaction is sent to be checked by a fraud management provider, the resulting cases can be one of the following:
Fraud management needs to be business rules-driven, meaning that the responses provided will be determined by the score each transaction obtains based on the criteria selected. “In addition, we can help airlines to define their fraud strategy and set the balance between accepting and denying transactions,” shared Pereiro.
With the Amadeus product, in the case of a positive result the ticket is issued; in the case of maybe the ticket is put on hold and the PNR is placed in a queue for manual review, where a negative response triggers stopping the booking before the authorization process and there is no option to issue the ticket; and in the negative case the booking is automatically cancelled.
Follow Ai on Twitter: @Ai_Connects_Us and Checkout our events at: www.AiConnects.us
Ai Editorial from Jiri Marek, former Executive Sales & Marketing Director, LOT Polish Airlines
BITCOIN – Beyond Imagination - a Terrifying Currency?
This is my own definition of this growing phenomena of new age, describing feelings, principles, fears and opinions coming to the mind of people whenever they hear word BITCOIN It came to me through my experience of introduction BITCOIN as payment method into Aviation. How BITCOIN and AVIATION can get along with each other?
“Opposites attract” is the fundamental principle of nature, and more philosophically we can look to the east to Yin and Yang or to the west to light and dark side of “The Force”. Also in aviation we have contradictions.
On one hand airlines are highly regulated with very limited spot for frivolity, but on the other hand one of the core engines running aviation development since decades was look for the future and the out-of-box solutions. It seems that the opposites attract… but in this case not quite.
The same airlines, that do not want to loosen up on safety and security principles, are facing the new and liberated world of the internet. These two pieces are in fact very hard to match. When I shared for the first time this new idea of adopting BITCOIN as payment method within airline, it creates a feeling inside the organization like bringing “chaos” into “order”. In fact it was more of a fear. BITCOIN is somehow still perceived as the currency of the anonymous rebels, synonymous of the unregulated and wild deep internet world.
Since airlines are extensively regulated mainly on safety and security issues, and they are using state of the art technology for flying, they became on the other hand kind of fossils in the merchandising and distribution of their content and product towards end consumer. In a result this is what we have: airlines would like to gain global reach and constantly complaining about regulators and authorities that they are bringing constrains and limit them to became truly global and on the other hand we have global borderless payment solution ready to use without any regulatory body or government behind it and no ownership, but somehow still steered clear of. Now is the time to look for the future.
I have no doubts, that the magnets will attract this time as well and it will happen sooner or later as The Mother nature always find a way through, constant search for balance, leading to evolution. Would you like to wait for this “evolution” or take rather first mover advantage and be part of “revolution”?
Ai Editorial: Bitcoin, Alipay, convenience store transactions etc. exemplify the diversity in payment methods. And such options call for management of atypical issues, too, says Ai’s Ritesh Gupta
Any sort of improvisation in a payment strategy requires introspection on several counts, be it for evaluating payment complexity, impact on the user experience, ensuring security for that particular sales channel or ability to monitor the fraud chargeback activity.
And today change is inevitable considering the increasing popularity of specific payment options in different markets. Airlines have to adjust as for many it’s a cross-border business.
There are certain market nuances such as prevalence of local domestic payment methods that can drive payment strategy – for example, convenience store payment in some Asian countries. Also, unlike credit card, each of the payment options in Asia has its uniqueness, e.g. transaction limit, availability of refund, chargeback rights etc. It requires airlines to design and implement necessary payment interfaces and processing flows.
Overall, airlines need to look at peculiar issues as they embrace new form of payments. Here we assess a couple of aspects:
An airline might be running operations smoothly in several markets, but a similar move may result in additional expenditure in a new one.
For instance, in case of China, it’s imperative for travel brands to offer options like Alipay and or let Chinese consumer pay via WeChat.
As per the feedback from specialists pertaining to Alipay, operating in China requires a separate integration cycle and payment acceptance service level than would typically be needed for other regions and markets. “PSPs like Stripe and Braintree provide for a more seamless integration on the backend, however because of regulations in China and Alipay’s market size, it is easier for brands with interests in China to work directly with the payment platform,” shared a source. Importantly in order to integrate a PSP like Alipay, a company based in the U. S. may need dedicate resources and staff for processing and acceptance for the Chinese renminbi.
“While enabling Alipay payments is critical to gain visibility and drive transactions in China, for smaller hotel chains, airlines or OTAs this additional resourcing is a large undertaking that can put a strain on cash flow and carry higher requirements for security against chargebacks. Additionally as Alipay remits payments through SWIFT, OTAs and travel brands will have to plan around payout timetables - which vary from country to country- and the applicable fees,” shared a source. “Another thing travel brands should consider the user experience, as travellers are completing their travel booking or reservations. Several PSPs oftentimes redirect users away from the branded site or app to complete their transactions an experience that travel brands cannot control or manage, which can lead to confusion, or worse, booking abandonment.”
For airlines, the fact that the process can involve their legacy infrastructure, it only adds up to the work that’s needed to be done.
“One of the key issues faced by airlines is heavy reliance on legacy infrastructure that prohibits them from adapting to the fast changing world of payments. If this is not addressed in a timely manner, airlines can risk becoming uncompetitive and non-relevant,” says Shreyansh Durgesh, Director of Sales and Business Development, Asia Pacific, Bitnet Technologies.
Delving deeper, Durgesh says, “Sometimes it is seen that airlines are unable to or take too long to launch new payment capabilities due to their backend system being too complex to work with new technologies. Lot of airlines have built their functionalities and respective business processes on top on a legacy mainframe application.”
“Most of the time these legacy infrastructure and their limitations determine how payment related processes or functionalities can be changed,” he says. For example, an airline’s DCS (departure control system) may follow certain rules to flag a risky booking based on fraud detection systems for further checks during check-in. But if the fraud detection and legacy platform are not compatible, it can lead to sub-optimal usage of such fraud detections services.
In addition to coping up with the challenge of system integration (each payment method works differently which means that each implementation can be costly and lengthy), another hurdle that comes with the new methods of payment is fraud as fraudsters always evolve to find ways of exploiting weak spots in payment processes and systems. So fraud management should be on top of the agenda for any airline integrating new payment methods.
There is also need to clarify certain points, too. For instance, bitcoin is like digital cash. So is there any way to recover or whom to approach when bitcoin is stolen?
Here it needs to be understood that bitcoin wallet private keys are the only proof of ownership of bitcoins. Once these keys are stolen it is impossible to reclaim ownership of bitcoin, says Durgesh.
“Bitcoin is decentralised protocol and not regulated, hence there is no central authority to turn to in case you lose your bitcoins. There have been number of bitcoin related compromises in past but they are not due to weakness in bitcoin protocol itself and rather due to because of weakness of security system employed or negligence of bitcoin service providers,” he says.
So it is important for consumers to carefully select their bitcoin service provider who has appropriate security system and policies to safeguard consumers’ bitcoins. There are specialists who keep bitcoin stored in secured, geographically separated cold storage as well as insure users against any losses, says Durgesh. Also, as the bitcoin ecosystem continues to grow we will see a lot more innovation in provision of wallet security services.
As the payment ecosystem continues to evolve, airlines need to be nimble. Be it for gearing for EMV liability shift in the U. S. or capitalizing on the popularity of an offering like Alipay in China, there would be changes for merchants. It is of paramount importance to be aware of requisite resources and the level of expenditure required to set up a new method of payment. Plus issues associated with integration with legacy systems, back-end operational systems etc. as well as fraud management, too, need to be scrutinized.
Follow Ai on Twitter: @Ai_Connects_Us and Checkout our events at: www.AiConnects.us
Ai Editorial: Airlines need to plan diligently for an omni-channel payments offering. Ritesh Gupta finds out what needs to be done, and how to reap rewards.
The value of delivering an omni-channel payments solution is in the ability to deliver data-backed, personalized customer experiences across all sales channels.
This requires the ability to capture data across all payments channels through a single integration. With a single overview, it’s possible for airlines to reduce their internal workload, streamline processes, and gain valuable insights into cross-channel customer payment preferences. The ultimate result is the increase in revenues.
Here we explore how to craft an omni-channel payment experience:
It is important for airlines to look at the entire payment chain, from gateway to risk, to acquiring, and identify areas in which they can prioritize improvements, says Sander Maertens, VP Travel, Adyen.
Airlines need to gear up for an integrated solution for the entire payment chain, as well as support alternative payment methods, and look for a single line of reporting and reconciliation.
By offering dynamic payment pages that automatically detect the screen size of the consumer, the device, airlines can ensure a more seamless payment experience. In addition, offering features such as one-click payment, where at the checkout stage shoppers are given the option to have their payment details securely stored, will also optimize the mobile experience. With the rapid evolution of the mobile payment landscape, it is often key to work together with a payment to remain on top with the latest developments.
Follow Ai on Twitter: @Ai_Connects_us and Checkout our events at: www.AiConnects.us
Accepting AFPs in Asia – it’s about handling intricate issues
Alternative form of payments (AFPs) is flourishing in Asia. Each has its own unique application and settlement process, language/ currency support, and is subject to domestic rules and regulations. Ai’s Ritesh Gupta reports.
It can be quite demanding for any travel e-commerce entity, be it for a mature business or a start-up, to finalize an apt payment strategy in the Asia Pacific region.
AFPs have gained traction, and they generally tend to address a domestic economy. It’s a fragmented space, and airlines need to understand intricacies of each market.
In China, around 45% of online transactions are made using e-wallets, such as options offered by Alipay, China Unionpay and TenPay, and other emerging options include WeChat payment.
A company needs to be spot on otherwise the conversion rate can take a dip. For instance, Uber, the mobile app-based transportation network, has worked out an effective zero-click payment mechanism. Users of the app simply register their card as card-on-file, request their drive, and their card is charged at the end of the ride. After registering, the payment will subsequently be made when you use the app, and there is no need for the customer to go through a payment process. But recently, Uber decided to introduce cash option to make it service more accessible in India. So customers can pay via prepaid wallet, debit/credit card or cash.
There are various factors airlines and travel e-commerce businesses need to consider while assessing which alternative form of payments to go for across the Asia Pacific region. A prime reason behind this is the variety of payment options that are available, which are as diverse as the region itself.
Low credit card penetration
Talking of the Asia Pacific region, Bangkok-based Mario Peng, CFO at hotel mobile booking app HotelQuickly says a major challenge for accepting payments from customers is the low credit card penetration rate and acquiring bank charging cross border fees to customers. To reduce credit card acquiring fees, remove cross border fees charged to customers and to offer alternative payment solutions to reach non-credit card holders, merchants are required to set up local legal entities and/ or work with different payment service providers for markets in Asia.
“It is quick and easy to setup global credit card acquiring. But there are many markets where credit card acceptance is relatively lower than say Hong Kong and Singapore,” says Peng. “So for markets like Indonesia, Vietnam, Philippines, Thailand etc. the team is looking at alternate payment methods – and for the same it evaluates both commercial and technical aspects of tying up with a payment gateway.” A local payment gateway fulfils certain legal requirements, and then airlines or OTAs assess the ability to facilitate payments for preferred payment channels. For instance, in Indonesia, as Peng told us the company is evaluating two payment service providers – while one can facilitate ATM transfer, convenience store (these are semi-digital payments - a consumer takes a code or a QR Code associated with a booking and pays), and online banking, the other isn’t able to offer online banking as an option.
Hong Kong-based Joseph Chan, CEO, AsiaPay says various non-credit card payment options have different rule sets. For example:
Chan says an ePayment partner in Asia for airline can readily address the following challenges that airlines may face as they plan for added local payment options:
Penetration of AFP
As for AFP, there isn’t any consistency across the market.
Unlike most of the other countries in the Asia Pacific region, options for AFP are yet to take off in a big way in Australia. Carriers in Australia have listed POLi, an online real time debit payment system, as an option. It allows buyers to use their Internet banking to pay for their online transactions. POLi is currently available within Australia and New Zealand. Among other carriers in the region, Air Asia added POLi as a fee free payment option on their website few months ago.
“There is no credit card fee, and the system results in instant booking. Of course, a major lure that works in favour of POLi is that it results in consumers saving significant amounts of money. So say, for a family of four, booking via POLi would end up in A$30 savings,” says a senior airline executive. As for facilitating one-click payment via mobile devices, the executive says the market is still “2-3” years far off. “There are certain legislative issues, too, that can hamper the growth of mobile payments. For instance, it isn’t allowed to store CVV in Australia. The privacy laws are quite strict at this juncture. So this can impede the implementation and the take-up for services that are burgeoning in other markets.”
Gurgaon, India-based Jibby Jacob Kollanoor, director, South Asia, UATP, says consumers want to be able to pay with the local AFPs they are used to and comfortable with. “One of the most popular AFPs in this region is Alipay, an e-wallet in China that is also capturing a large percentage of the mobile wallet space,” he says.
Preparing for bitcoin
Airlines also need to gear up for emerging digital currencies like bitcoin. To initiate a bitcoin transaction, a consumer must have a bitcoin wallet. “The easiest way to get one is by choosing one of web based wallet services providers such as Coinbase, Blockchain.info etc. Once the wallet setup is complete consumers must fund their wallets with bitcoins purchased from either local bitcoin exchanges or by other means. These bitcoins can then be used to purchase tickets at airline websites,” says Shreyansh Durgesh, director of sales and business development, Asia Pacific, Bitnet Technologies.
According to experts, bitcoin simplifies airline payment by eliminating any risks and unnecessary costs associated with payments. But there is still lot of apprehension among airlines regarding bitcoin due to its price volatility, regulatory concerns etc.
For its part, Bitnet has simplified bitcoin acceptance for airline merchants.
“With Bitnet, an airline will not touch, store or process bitcoin. Airline will be able to price their tickets in local currencies. We will accept bitcoin payment on their behalf and pay the airline in local currency of their choosing,” shared Durgesh, who added that Bitnet has simplified airline bitcoin payments with its UATP partnership.
Finalizing plans for AFP
Kollanoor says a lot of factors need to be considered before finalizing which AFPs to go for:
Each payment option has its own unique application and settlement process, language and currency support, and is subject to domestic rules and regulations. Kollanoor says airlines can use their existing UATP infrastructure and reporting solutions to quickly bring AFPs to market.
Airlines need to understand the limitations of their systems. It needs to be assessed whether airline should build a direct connection from scratch that constantly needs to be maintained, or rather they can utilize their existing acceptance platform and back-office processes to enable the new payment methods. Also, reconciliation remains a big issue for the airlines; it can be rather labor intensive and be a long, tedious process if done manually. There is a need to gear up for simplified daily reconciliation.
A CEO books a trip worth $12000 with an OTA. But what if he is a fraudster, who has a found a way to deceive the agency. Ai’s Ritesh Gupta learns about a couple of real experiences of OTAs
Online travel agencies (OTAs), even the established global intermediaries, continue to be victims of online fraud.
Take the case of Booking.com, known for its agency model or letting bookers pay the hotel upon checkout. The OTA was in news late last year for fraudsters gaining access to contact details of customers, and they allegedly contacted them for pre-payment of their respective bookings. Booking.com acknowledged that 10,000 people were affected, and acknowledged that there is a need to combat fraud, which is now described as an organized crime. There were concerns, and stakeholders, including OTAs and hotels, were questioned about the security level of their systems/ websites.
So the question then is: how to shield customers’ personal and financial information?
Travel companies need to understand how hackers are gaining access to system data or server functionality.
The breach of data is happening and it could be owing to manipulating a web application and a fraudster tricks that application into performing commands and accessing data. Another way is to get hold of an authorized account via focus on session IDs, and eventually stealing them.
OTAs frequently receive complaints from customers about unauthorized credit card transactions. Experts recommend that additional steps can be implemented to curtail risk of credit card and personal data exposure, such as compartmentalization and tokenization on the inside of the company’s DMZ (Demilitarized zone. Network added between a private and a public network to provide additional layer of security). This is being considered to be a vital add-on to firewalls and external fraud measures. Such mechanism keeps a tab, acts and reports on dubious activity and can feature configurable fraud-alert rule sets, data- profiling modules, and other validation methods.
Also, at another level, it is important to know how to strike a balance while focusing on stringent fraud rules. These can result in reduced acceptance and revenue. Also, what safeguards exist to allow for loosening fraud rules? Optimizing acceptance means more fraud will slip through – an extra layer of defense is needed to catch it post authorization.
Dealing with fraud
For a security professional, the risk of being too cautious can result in a loss of revenue. OTA executives shared a couple of experiences of how the team manages fraud.
A senior executive associated with Mumbai-based OTA Cleartrip.com told us: “If a fraudulent transaction happens, then we filter it out and blacklist the card used, email and phone number. We can’t block the name as there could be multiple customers with the same name. Overall, the variables that are take into consideration while assessing transactions are IP address, phone numbers, device ID, email id (domain name) etc.” The same executive mentioned that there are times when certain transactions are doubtful, and put them on high priority for manual check. “That’s where smartness comes in, scrutinizing the confidence level of the booker. For instance, there was a booking worth US$12000 or so that we kept on hold. The claimant user of the card, actually a fraudster, was residing in another country, he intended to travel in that country, and was claiming to be the CEO of an IT company. He was repeatedly making calls to check why his booking wasn’t going through. And then when we assessed his LinkedIn account, we found there was not even a single connection. So that’s a call every security team has to make. You could be interacting with a fraudster, and you might abruptly ask him what’s the time where he or she is located. It’s all about getting closer to authenticity of the information or even checking the confidence level.”
Here it needs to be mentioned that the booking experience of a customer shouldn’t be jeopardized.
I know of a recent instance where an airline called up my colleague in the U. S. mid-night, who had booked me for Delhi-Bangkok trip. The airline had concerns about the itinerary, considering that the booker was in the U. S. But my colleague felt the check needed to be more vigilant, considering that the airline had information about him, and disturbed his sleep by calling at odd hours.
Another OTA told us an interesting movement that was being witnessed on their site. It was related to “seemingly Russian citizens” booking itineraries featuring a particular LCC in the Middle East. “The bookings featured destinations like Moscow, Kiev, Bishkek, Almaty etc. Most of the passengers booked through these transactions sounded like Russian citizens (female names ending with “ova” or male ones ending with “ev”.” The carrier had strict policies, and before the OTA could verify and reach out to the airline, fraudsters were cancelling those flights, and gaining credit vouchers for future bookings. “We eventually decided to cancel the sector.”
Fraudsters always move on. Managing online fraud is an ongoing initiative, one that needs constant improvisation for better results. If this is not the case, then a travel organization would end up being a soft target, leaking revenue that shouldn’t have slipped from its grasp. In fact, despite having a team in place, one can still suffer at the hand of fraudsters.
A spokesperson from Cleartrip.com told me: “With the RBI mandate for third level of authentication, the frauds on Indian issued cards have reduced. However, the fraudsters have now shifted their focus onto the cards issued outside India. They specifically target cards issued in the U. S. , the U. K., Australia etc. The current trend in the market is - the fraudster is booking non-refundable and non cancellable tickets to avoid any action from the fraud detection teams. Fraudster is also targeting the immediate flights on domestic and international sectors.”
So what are the challenges that OTA typically face in detecting and neutralizing the fraud transactions?
The first issue here is limited help from the airline /supplier/ hotels. Cleartrip.com told us: “We lose lot of revenue on to the cancellation charges by the airline in case of fraud transaction and needs to be cancelled. Some time the tickets are non refundable and non cancellable and we need to let the fraudster to fly on these bookings even though we detect them well in advance.”
The second is limited help from the law enforcement agencies and issuing banks in case if there is any opportunity to nab the fraudster. In this case, merchants are looking at support from the issuing bank, which isn’t through coming in most of the cases at this juncture.
Here are few recommendations from Cleartrip.com:
Effective transaction monitoring
Best practices to avoid chargeback debits