Executive Interview: Jerome Seidita, Nok Airlines

Our chat with Jerome Seidita, mobile commerce director, Nok Airlines, outlines some of the issues facing airlines for mobile commerce, topics which were discussed and debated at the Airline & Travel Payments Summit (ATPS) Asia-Pacific (Bangkok, 26 - 27 Aug 2015) and will be covered at the 9th Airline & Travel Payments Summit (ATPS) Worldwide (Ft. Worth, 29-30 Oct 2-15)

From A Traveller’s Lens

Every country has its own inimitable challenges when it comes to accepting payment via mobile.

For instance, while some markets are showing signs of making steady progress with contactless ecosystem, there are others that are fairly new to this arena.

Yet airlines are adapting and trying to improve upon the payment experience.  For example, Thailand’s Nok Air has carved out a unique offline payment method when their customers book via its mobile channel.

So what is this initiative all about? What is Seidita’s take on 3D Secure, and dealing with regular changes in apps?

Ai’s Ritesh Gupta spoke to Seidita about mobile and payments in detail. Excerpts:

Ai: To what extent is your travel being simplified and how comfortable are you spending via apps?

In my opinion, mobile apps changed the world by simplifying complicated tasks in just few taps. Mobile behavior is different than desktop, users want reactivity, fast processes and simplicity. 

For me, amazing and efficient apps are the simplest one. Simplicity in the design, in the quantity of information, in the capacity or remembering past behaviors and information to make processes faster. 

The best example for me is the Uber application. It’s amazing how simple it became to order a private car. They know your location, your credit card number and your preferences, you just have to tell them where you want to go even though they probably knew it before you. 

When it comes to payment via apps, I feel very comfortable paying for goods and services from my mobile device. But it all depends on the application, if I have to spend more time giving the app my personal / payment information than selecting the product I want to buy, I prefer to use another channel such as web. 

Ai: Any anecdote that you would like to share while conceptualizing and designing apps and mobile website for Nok Airlines? What did you learn from that experience?

Nok Air is an innovative airline, we like very much exploring new technologies that would enhance our passengers journey. One of the latest initiatives was to make Nok Air one of the few first airlines to release an Apple Watch application on day one. 

When you start designing a new version of an app or mobile website you have to put yourself in the passenger shoes. Take everything that has been done on web and change it to be more simple, logic and fast on mobile. 

Few years back we started to work on “Low Fare Search”, a new way for passengers to look for the best fares available in an entire month instead of a single day. This functionality, still available today on our apps, was first implemented on our desktop website and we had to completely reinvent the user experience on our mobile channels. 

Desktop website did a great job by giving the user the cheapest flight of every day of the selected month but what if the user wanted to pay a little bit more but choose a flight that was leaving at night instead of the morning? Using a great user interface to cover complex API’s we have been able to create a flight result page that offered both the cheapest flights but also all other available flights accessible with one tap. 

What I learned from this project is that when designing apps for mobile devices you can get inspired from what have been created on other channels but you should never offer it exactly the same way. Passengers interact differently on their mobile, they have other expectations. 

Ai: What would you term as the toughest aspect of your role? Can you cite examples?

Mobile demand is growing very fast, technologies are changing every year but development is unfortunately not following at the same speed. 

Being innovative, offer a secure environment and implement airline requirement at the same time can be challenging for our developers who need to work on many projects, often never done before. 

To give a recent example, the Apple Watch app was released in April 2015 and less than 2 months later we learned that there was a complete new environment we could convert our application to. It’s a great improvement but it will require to change what we just finished to built in a very short time. 

Another tough aspect is that with Apple and Google in the market, offering amazing user experiences on mobile, people are expecting a lot more from developers than on desktop. If you want your mobile channels to work, you constantly need to plan for the next update and make sure your users are happy with it. Very challenging but we love it here.


Ai: Can you explain what should one look at while preparing for payment options via mobile?

Mobile payment was, as desktop at the beginning, difficult to trust but I believe people are now willing to spend on their mobile devices. We just need to make sure our offer is secure, trustable and offer the best user experience. 

At Nok Air we offer a very innovative offline payment method when you book on our mobile channels. You can book your flight and pay in the next 24 hours in 7-11 (supermarket) or any ATMs in Thailand. We also offer credit cards and almost finished to integrate Apple Pay. 

For credit cards, we found two solutions that any apps should be looking at, the first is to remember the last credit card number used and the another one is to copy all credit card information from the camera.

Ai: Shopper flow is often compromised at the payment stage by two key failures – a clunky look and feel, and multiple steps to complete the purchase. How to overcome such barriers?

For the clunky look and feel I believe we now have all the tools to create a great design, even when it comes to mobile payment. We just need more creative people. The only issue is when you get to the 3D secure page, as the only ones that can control this page are the banks and still a very few of them are thinking mobile for now. 

In my opinion, multiple steps are indeed a real key failure. Apple gave the best example by asking users their fingerprints today, nothing else. 

With a seamless payment as Apple, users don’t even feel they are spending their money and don’t need to seat and plan when they are booking. I believe Apple Pay is very promising.

Airlines are looking at selectively applying 3D Secure only to high-risk transactions, based on data customized to the airline. Can you explain how this is shaping in the industry?

Credit card fraud in Thailand is still high and at Nok Air we decided to apply 3D secure to every transaction. We are using a great tool to reduce fraud to the very minimum and it works great so far. If we had to take the same question out of Nok Air specific context I would say that this would be a great improvement as it would decrease number of steps and create a smoother booking experience. 

Can you cite few examples where airlines can face challenges with mobile payment?

The only challenge we had to face is the integration of direct debit transactions on mobile. The user has to connect to his bank online platform to accept the transaction but banks are still offering this functionality with non mobile friendly pages and it would deteriorate our user experience. We prefer to concentrate on channels that are ready and innovative. 

 LinkedIn: https://www.linkedin.com/in/jeromeseidita

Follow Ai on Twitter: @Ai_Connects_Us and Checkout our Events at: www.AiConnects.us


 

Innovative Airline Payments: Transavia Case Study

Transavia is a European airline that partnered with Adyen in 2012. Since then, the airline has made great strides in three key areas - optimizing 3D Secure, adding local payment methods, and growing m-commerce. 

A particularly interesting part of the relationship for airlines is the implementation of a dynamic approach to 3D Secure. 

With Adyen, Transavia is able to identify transactions that are high risk, based on a number of factors, including location, time, day of the week, transaction value, and more, and dynamically introduce 3D Secure only on those transactions.

"Based on a number of transaction values, we define per payment whether or not to implement 3D Secure. This means we can use data to identify high-risk transactions, and consistently adjust our setting to minimize the risk of fraudulent transactions without impacting the customer payment flow," says Roy Scheerder, Chief Commercial Officer, Transavia Netherlands.

With this groundbreaking approach, Transavia now has fine grain control over which individual transactions it should introduce 3D Secure on, helping the business to increase overall authorization rates without inadvertently approving more fraudulent transaction attempts. 

To find out more about how Transavia's partnership with Adyen is helping the business drive results with 3D Secure, local payment methods, and m-commerce, click here.

This case study appears on the Adyen website: https://www.adyen.com/home/blog/transavia-case-study and was pubished in July 2015

 

Ai Editorial: Managing 3D Secure

Managing 3D Secure- it’s a balancing act

Be it for optimizing security or sustaining favorable conversion rates, airlines need to plan for 3D Secure as part of their customer payment experience initiative, says Ritesh Gupta, Airline Information Correspondent

How to counter mobile fraud? How to make sure the conversion rate doesn’t go down owing to checkout abandonment? These are two key questions that airlines often mull over as they review the performance of their mobile portfolio.

In this context, one needs to careful with traditional 3D Secure, considering that fact that an extra step during the online payment process is added to ensure that the real user is using the card.

Traditionally, online merchants have adopted a binary view to 3D Secure; implement it across all transactions, or don’t implement it at all.

However, both of these approaches have problems. If you apply 3D Secure to all transactions, conversion will suffer, and if you don’t apply it at all, fraud will still be a factor, says Sander Maertens, VP Airlines and Travel, Adyen.

No doubt 3D Secure offers solid protection, however it does add a complication into the checkout for the consumer. As it emerges, experience on a desktop is sub-par and on a mobile it’s even worse. There are other issues that need to be addressed - very slow reaction from schemes and banks to address problem; some merchants live with the poor experience to maintain liability shift enjoyed from 3D Secure transactions; and many merchants have requested that 3D Secure be disabled for all mobile transactions.

It also needs to be considered that there are markets – like India – where 3D Secure is the norm, and so consumers expect it, says Madrid, Spain-based Celia Pereiro, head of payments at Amadeus.

“In these markets, and specifically in India, 3D Secure actually increases adoption. However, in the majority of markets the additional security can have a negative impact on conversion so airlines should be pragmatic about implementing 3D Secure; it may make sense, for example, to direct transactions which have been identified as suspect by the airline’s fraud management system to 3D Secure as a final check before rejecting the transaction outright. In this way, 3D Secure could be used to increase the conversion rate,” says Pereiro.

Optimal approach

Airlines and travel e-commerce companies need to assess their data by evaluating the value of transactions plus closely evaluate chargebacks. Accordingly, the transaction value limit can be finalized above which 3D Secure can be utilized as an extral layer of security to prevent fraud. As for RoI, positive results can be viewed as hike in revenue and reduction in chargebacks over a period of time.

Also, airlines can  integrate with fraud management tool to organize and work out the 3D Secure arrangement, lets say for local markets, in the backoffice. As for the customer experience, one can opt when to authenticate,   manage what a user sees, and embed authentication in the checkout.

Rather than having a binary view – either being in favour of preventing fraud or not hindering the customer payment experience by avoiding 3D Secure altogether, there is a third possibility.  

“(One can) selectively apply 3D Secure only to high-risk transactions, based on data customized to the airline. The way to do this is to dynamically assess and rank a transaction’s risk score on a scale from low to high, and then trigger 3D Secure only for the high-risk transactions,” recommends Maertens.

This means airlines can avoid routing genuine customers through 3D Secure, ensure a smoother payment flow, and minimize the potential conversion impact. By making 3D Secure a dynamic part of the payment flow, it becomes an asset rather than a conversion killer.

There are offerings that allows airlines to flexibly route transactions according to an intelligent set of business rules which is defined with the customer; these business rules allows airlines to avoid the authentication based on specific parameters, for example, frequent flyer passengers. So airlines can control which transactions are authenticated via a specific rules engine.  This can be categorized depending on the total sum of transaction, SKUs, IP or device used etc.

 

Travel companies cant really abandon 3D Secure, rather they need to plan diligently.

As Adyen recommends, airlines should evaluate aspects that are quite risky for operations, and contemplate automating 3D Secure as an additional security layer only for such transactions.

Also, as witnessed in the past, one can come across a lofty drop-off rate on 3D Secure transactions in case buyers are worried, considering is a security threat. So airlines should engage buyers on the security benefits wherever they can.

Follow us on Twitter: @Ai_Connects_Us and Checkout our Events at: www.AiConnects.us

Ai Editorial: Managing Cross-device Identity

Managing cross-device identity – it’s about helping and knowing customers

Passengers today look for better management of their digital identity, and brands, too, need to aid them and also serve them better via cross-device tracking, writes Ritesh Gupta, Ai Correspondent

How can I have more control over my digital identity? It’s a valid question as no ones like to manage so many usernames and passwords in one’s digital life.

We log in to apps, sites and devices. It can be quite a tedious job to remember all the passwords. Passwords aren’t expected to go away, but there is a chance that you could be soon logging in via facial recognition software.

Also, as much as a consumer is besotted by the idea of not to remember so many passwords, airlines, too, need to explore what they can do in this era of cross-device usage by identifying digital users with as much accuracy as they can. How tracking can be improved upon to serve a relevant message or aid in the journey of a passenger. This would translate into a customer experience, where one would be recognized for a true one-to-one experience.

Let’s assess some developments in the arena of digital identity and cross-device tracking, and how the same is impacting the overall customer experience:

  • Making accessibility simpler: The use of several devices, and accessing same or different apps and sites is quite common. We would dread the idea of remembering passwords for all. Recognizing that passwords can be shared or stolen, Intel is already working on app that remembers passwords and automatically fills them in when one returns. Essentially it’s about logging in with your “face”. The company has come up with a limited version of facial recognition app, titled True Key.  So how does it work? A user’s distinctive features such as facial math and master password come into play. As for the security part, data isn’t shared or saved, but still nothing is “hack” free, at least of today. But Intel is definitely promising a robust protection in addition to the simplification of password management. A major attraction of this app – a user’s info syncs to all devices that are being used. It’s an absolute must in the age we are living. Intel continues to build and iterate the product. Airlines need to keep an tab on such developments and make the most of it to simplify accessibility of their digital touchpoints.
  • Seamless experience across apps: The number of devices for our booking and also during the time of our journey that we are using is on the rise. In addition to a laptop, a tablet, and a smartphone, you might already be wearing a smart device on your wrist. Say, you are carrying all of this on the day of travel - iPhone, iPad and Apple Watch. Your digital identity and journey details need to “synced” across all devices. Tech-savvy brands are already doing this.

“With the addition of handoff and group data sharing HotelQuickly offers a truly seamless experience between all the HotelQuickly family of apps,” says hotel mobile-only booking app HotelQuickly’s COO and CMO Christian Mischler. If you make a booking on your HotelQuickly iPhone/iPad app, you will instantly be able to access that data on the Apple Watch app. If you’re looking at a previous booking on your Apple Watch, handoff will prepare that exact booking on your iPhone so you can view all the details in its entirety. “If you have not yet made any bookings and you are looking at the HotelQuickly app on the Apple Watch, we are preparing the HotelQuickly iPhone app for you to make a new booking. Just look for the HotelQuickly icon on the 'lock' screen of your iPhone and you know the handoff is ready,” says Mischler.

Airlines also need to know the limitation of each technology or app.

For instance, American Airlines, British Airways, New Zealand Air and easyJet have been in news for introducing smart watch services to help flyers check-in and board with QR codes, or alert passengers about flight delays or changes. However, as Leighton’s CEO Lyle McCalmont says, technical infrastructure needs to keep up. “We are already reading reports of Apple Watches not fitting under some airport access scanners,” he points out.

  • Cross-device messaging/ ads: Cross-device tracking is all about recognizing a user behind various devices. Airlines will always struggle to craft an optimized customer experience programme if they aren’t sure of how passengers are interacting across devices. Similarly, what’s their conversion journey looks like. This if not done properly can result in wastage in ad spending, something that’s always been a point of contention when attribution is analyzed. Also, the timing and frequency of messages/ ads can hurt a brand if travellers receive meaningless content.

So what has improved in digital identity as far as tracking a user across various devices is concerned?

The debate around exact match or deterministic approach such as provided by Facebook or any other log in way, and implied match techniques or prediction-based approach continues. The specialists in prediction-based approach are increasingly saying the perceived gap in scale is coming down and so is the variation in the total figure of addressable users for each approach.

A major highlight of prediction-based tracking is that it is set up on data signals from ad requests across the web.

Those who specialize in probabilistic way assert that identify fragmentation is being handled better than ever, driven by machine-learning algorithms. Such specialists count on cross-device data points to probabilistically harmonize mobile device IDs to desktop cookies; forming a bridge between devices. 

So what’s the accuracy of prediction-based approach? There has been talk of over 95% precision. For instance, cross-device technology company Drawbridge shared that its model was 97.3% accurate in indicating a relationship between two or more devices (according to a release in April, 2015).

Follow Ai on Twitter: @Ai_Connects_Us and Checkout our Events at: www.AiConnects.us

Ai Editorial: Tokenization - you can't ignore this!

Tokenization, yellow path authentication…impossible to ignore all of this

When one hears that no Apple encryption has been broken yet it comes as a big relief considering the level of fraud that is happening today. Ritesh Gupta, Ai Correspondent takes a closer look at tokenization.

No one likes to waste time on routine tasks that hamper the experience of shopping. One always feels like completing a transaction as soon as possible. The world of mobile commerce has made significant progress in this context, with travel e-commerce entities besotted by the idea of one-click payment.

All of this means no one wants to fill up mundane information again and again. Understandably then a lot is being said and evaluated when it comes to tokenization of payment data.

Going by the spate of fraud incidents in the recent past, more than how PCI compliance requirements shift from the merchant to the payment associate, relatively more important issue is the security of tokenized data. As much as the industry is contemplating about how to modify existing systems to accept tokenization, airlines and other travel companies are also keenly looking at its prowess in terms of combating fraud. Topics like data protection, user authentication and device authentication are valid discussion points in today’s travel shopping environment.

Are consumers savvy enough?

So what is tokenization – just in case one needs to know how it works. It is all about shielding consumer’s data, replacing the payment account information found on a plastic card with numbers that can be utilized to authenticate payment without revealing real account details. When uses a mobile device to complete a contactless transaction, a token is submitted. So customers only need to register their cards once.

Even though Apple didn’t come up with any new payment security standard, the introduction of Apple Pay has aroused immense interest in the arena of mobile commerce. The promise of paying via Apple Pay is enticing enough, considering the popularity of whatever Apple does, but do consumers understand the repercussions of something going awry with their data.

“Absolutely, cardholders are very savvy,” says Melissa Santora, product strategist - Card Services, Fiserv.    

She adds, “In fact, security concerns have been one of the top inhibitors to mobile payments adoption. Consumers are being educated by their financial institution and the industry that their card number is not stored on their connect device nor is it seen by the merchant. It’s a powerful differentiator to how mobile payments were introduced to consumers in the past.”

What does Apple Pay support?

Before we understand what Apple Pay is supporting, it is important to know more about dynamic and static tokenization. 

Santora explains dynamic tokens change with each transaction whereas a static token remains as one token per connected device. Therefore if you happen to lose your device, you can suspend or delete your token rather than reissuing your card. Additionally, this token can be found on your device as the ‘device account number’. This information can be found on your connected device by either flipping over the card within the wallet or by accessing the Settings portion of the device.

“It’s important to note that tokenization through Apple Pay and the EMVCo. specifications support static tokens only,” says Santora.

Here are some other key aspects about tokenization that are worth knowing:

· HCE: Host Card Emulation or HCE is another flavor of tokenization. When asked about this, Santora mentioned: “We do not have enough information to comment on HCE and the impact/ role that it may have on tokenization however we are actively understanding how HCE may play into tokenization and mobile payments.”

· Benefits and drawbacks associated with tokenization: Just as EMV solves for fraud in the card present space, tokenization is part of offering to mitigate fraud in card-not-present space and digital payments, says Santora. “It’s important for consumers to know that their card number is not stored in their connected device. Also, someone cannot take your phone and use your phone for payments. Touch ID or your Passcode is also required for a tokenized transaction to be completed,” elaborated Santora.  

· Definition: It is being highlighted that as per EMVCo specification on tokenization, the definition of token is alternate PAN, which is not the same as one-time use data. Santora says this refers to dynamic vs. static token discussion. The token is considered an alternate PAN or the device account number which is just a surrogate value for the real PAN.

· Not broken yet: It is being emphasised that no Apple encryption has been broken, it’s more to do with how the banks themselves issue credit cards and verify the identities connected to those cards. Santora says, “We have not seen fraud related to Apple Pay and have adhered to the standards and regulations set by the networks for yellow path authentication. We do offer call-center services for yellow path authentication and are thorough in our questions to ensure that cardholder is the rightful owner of that card and provision that cardholder and card with a token.”

When passengers and airlines are confident enough about the role of tokenization, then one can expect a spurt in the use of mobile payment services such as Apple Pay and others.

Follow us on Twitter: @Ai_Connects_Us and Checkout our Events at: www.AiConnects.us

Ai Editorial: Bitcoins - pros & cons of virtual currencies


Time for airlines to minutely scrutinize Bitcoin as an option for commerce 

Bitcoin is an attractive option for airlines, be it for lower transaction fees, relatively quicker money transfer or even the sheer experience of using a digital currency. Ritesh Gupta, Airline Information Correspondent finds out more about this emerging option

Technology and devices continue to surprise us, delight us. Be it for the paucity of time, convenience or pure indulgence, travellers are embracing alternative payment methods. And Bitcoin is definitely one such emerging option that gained traction last year. The idea of mobile bitcoin wallet sounds cool, with info including transactions getting updated in real-time.

Travel companies, including airlines and OTAs, are today accepting Bitcoin and other digital currencies. The biggest development is the rise of payment processing platforms that make it simple for airlines and OTAs to accept Bitcoin in a simple and risk-free manner, says Reading, UK-based Akif Khan, VP Solutions Strategy, Bitnet Technologies.

Strengths

There is a definite trend for airlines and OTAs to be exploring non-card payment types. Be it for lower transaction fees, expanding reach or combating fraud, there are several aspects that are proving to be promising for Bitcoin.

As Khan says, the drivers for this will vary depending on the airline and OTA. “For some, the driver is cost, as they seek to encourage travellers to pay with payment types that charge less than the 1-3% typical of cards.  For others, it is about expanding into new and emerging markets, where card penetration may not be high. Finally, for some, it is about brand differentiation, and offering new avenues to pay for travellers that differentiate the airline and OTA from competitors,” he explains.

Even as there are some concerns about this currency’s volatility, accessibility, creating right awareness (especially the perception of Bitcoin being meant for buying illicit drugs) and the uncertainty surrounding regulation, there are clear benefits too.

One shouldn’t ignore the prowess of Bitcoin especially when it comes to the economic inclusion of those underserved by the current banking system.

Bitcoin has multiple benefits for an airline or OTA compared to more traditional payment methods such as cards, says Khan. He explains: First, it is typically cheaper to process a bitcoin payment than it is a card payment. Second, unlike cards there is no chargeback risk when accepting a payment in Bitcoin, which leads to further cost savings for the airline or OTA. Third, there is no cross-border friction when accepting bitcoin, since it is a truly borderless global payment type. 

“From a traveller’s perspective, paying with bitcoin can be quicker and simpler than keying in a card number.  In addition, due to the elimination of chargeback risk, airlines and OTAs can accept your payment with confidence,” he says. This eliminates the many situations where travellers are inconvenienced when an airline or OTA rejects their card transaction because they suspect it might be fraudulent – for example if the traveller is making the card payment whilst in a foreign country. “Finally, over 2.5 billion in the world do not have access to traditional financial services like credit cards. However, if they have Internet access via their phone, they can get bitcoin.  So many travellers will actually be able to book online for the first time, benefitting both them and the airline/OTA,” says Khan.

Where are savings going?

One critical question as a traveller I would like to know is - are travellers going to save any money, or is it only airlines who are going to benefit in this regard?

Khan says some airlines or OTAs may choose to keep the cost savings entirely for themselves, but the smarter ones will use the cost saving to incentivise travellers to pay with bitcoin. 

The huge cost savings for airlines and OTAs not only in processing fees but also in not having to apply costly fraud management checks, mean it is in the interest of the airline or OTA to encourage the travellers to pay with bitcoin. This could be done by offering discounts when paying with bitcoin (the opposite of surcharging for credit card use, in fact) or offering frequent flyer bonus awards for example when Bitcoin is used.

Key considerations

Khan recommends that airlines should think carefully about whether they want to implement bitcoin processing themselves, which would likely involve them having to process or store bitcoin, or whether they want to use a processing gateway which converts the bitcoin to local currency on behalf of the airline or OTA.  In addition, if a processing gateway is being used, the airline or OTA needs to consider whether the gateway is optimized for use in the travel industry with respect to reporting, reconciliation, security, high availability, and connectivity to the appropriate travel ecosystem platforms.

As for the volatility of Bitcoin, Khan says the same can be abstracted away from the airline or OTA if they select the right payment processing partner. Such entities take on any volatility risk, and guarantee the airline their ticket price when a purchase is made.  The bigger challenge is that consumer adoption is still relatively modest, albeit growing rapidly.  However, since the implementation costs are modest, it makes financial sense for airlines and OTAs to accept bitcoin even if only for a subset of their transactions, as this will further drive consumer awareness and adoption, leading to even greater cost savings for airlines and OTAs accepting bitcoin.

Bitcoin and Virtual currencies will be on the agenda of the 9th Airline & Travel Payments Summit on the 29th & 30th of October 2015 in Forth Worth, Texas. Details at: www.AirlineTravelPayments.com.

Ai Editorial: Learnings from the transition to Chip n Pin


***STOP PRESS*** Registration is now open here for the 2015 Mega Event & 10th FFP Loyatly Conference!

Although most European countries, Canada and a number of other markets have adopted mandatory Chip & PIN on physical card payments, removing signature as a form of authentication, there are many markets around the world that are yet to go through this transition  -  most notably the USA.  But the pace of adoption of Chip & PIN is heating up, for example many markets in Asia will be going through this transition over the next few years, with the intentions of, and mandates from, the relevant Central Banks and/or international card Schemes already published.

Even though each market is different and has a distinctive history or legacy surrounding its card payment system, before embarking on the Chip & PIN transition it is worth reviewing what has occurred elsewhere and the learnings from countries that have already “been through the change”.  In this regard, the Airline Information is pleased to be able to provide access to “PIN@POS: Australian Case Study”  -  please click here for a free download.

The payments consulting team of the RFi Group led the PIN@POS initiative on behalf of the Australian card industry, culminating in the removal of signature on 1 August 2014.  They have written the Case Study based on their detailed knowledge of a two and a half year journey to PIN@POS, and it provides valuable information for those already on or about to start down the same road.  Indeed, readers contemplating an industry-wide coordination of any sort may derive benefit from this case study.  We hope that our readers can benefit from these learnings in their own implementation efforts.

Follow us on Twitter: @Ai_Connects_Us

Ai Editorial: Data Breach at Mandarin Hotels


***STOP PRESS*** Registration is now open here for the 2015 Mega Event & 10th FFP Loyatly Conference!

It’s scary! Yes, time to minimize credit card and personal data exposure. No travel company wants to be a victim of unauthorized cyber-attacks. But today security protocols are under pressure to deliver. Ritesh Gupta, Airline Information Correspondent assesses the situation

It’s blatantly obvious now. The threat of fraudsters deceitfully obtaining confidential information for card fraud is looming large over airlines, hotels and intermediaries. Travel brands are taking a beating. As much as travellers need to be aware of phishing and skimming, travel companies too now can’t ignore the possibility of a scam. Take the recent case of Mandarin Oriental Hotel Group. The chain’s credit card systems in several of its properties across the U. S. and Europe were accessed without authorization.

So what resulted in breach of such magnitude?

The incident apparently was a direct result of an unauthorized cyber-attack. The chain states that despite the group’s leading data security systems, “this malware was undetectable by all anti-viral systems”.

As per the initial update, the breach only impacted credit card data, but not pin numbers or the 3-4 digit security code required for manual authorization. Mandarin Oriental also clarified that no other personal guest data had been compromised.

The situation is serious, says Kristian Gjerding, CEO CellPoint Mobile, as it does have an impact on bottom line and brand equity (consumer trust), especially moving forward with some of the newer payment methods and the increased ownership of the full transaction flow by airlines. With an increase in mobile payments comes an inevitable increase in the potential for mobile payment fraud. These days, smartphones and tablets can be hacked just as easily as computers, adds Gjerding.

How to prevent such situation

It needs to be understood that as airlines and brands become more astute at detecting fraud, hackers will also become more sophisticated and organized, able to launch higher-level, intricate cybersecurity attacks. Hackers will always try to find ways in, but airlines have an opportunity to limit the scope of the impact by being just as clever and by instituting constantly evolving security measures from the moment of sign-up – the very barriers that keep hackers at bay.

So what needs to be done on an immediate basis?

Answering the same, Gjerding mentioned that several authentication measures can be taken by airlines to prevent many issues. However, attention to hacking needs to be a continuous process, especially with the increase in consumer smart devices and subsequent direct sales channels. “Airlines need to ensure that their security systems are flexible and scalable, to monitor and security activity around the volume of transactions and the various channels in which they take place,” said Gjerding.

Converged payments

Gjerding emphasised that converged payments can solve many of the complexities of cross-channel digital transactions by providing airlines the technology and architecture they need to make the process uncomplicated, secure at various stages of the process, flexible and holistically visible – not to mention seamless and easy for customers.  

The basic concept behind converged payments is that all transactional activities—payments, redemptions, bookings, security step-checks, authentication, etc.—converge into a single, secure infrastructure where they are managed, processed and authorized.

Minimizing exposure

Many steps can be taken to minimise risk of credit card and personal data exposure, such as compartmentalization and tokenization on the inside of the airline’s DMZ (Demilitarized zone. Network added between a private and a public network to provide additional layer of security), said Gjerding. He added, “With the increase in passenger self-service, however, airlines will have to expose access to services and data – a level of vulnerability through which hackers can gain access,”

With a converged payments architecture serving as an organizing funnel, information from varied and disparate sources is fed into a central operation, checked and verified, standardized and normalized, and then exposed to extra layers of security so that the resulting transactions—payments, ticket bookings, boarding passes, rewards redemptions, in-flight purchases, upgrades, baggage fees, refunds and the like—are processed within a common, robust environment.

Converged payments capabilities also provide a centralized view of a customer’s digital/ mobile transactions and activities: payments, loyalty, booking, fraud detection and more.

With silos eliminated and processes streamlined by the underlying infrastructure, payments are executed quickly and seamlessly for the customer and the airline, and protected from hackers and other online threats through real-time alerts and, when necessary, manual verification and processing.

The team at CellPoint Mobile considers “inside the DMZ” prevention to be an important addition to firewalls and external fraud measures. This is a system that monitors, acts and reports on suspicious activity from the inside and can include configurable fraud-alert rule sets, data- profiling modules, and other authentication measures.

With the eventual ability to mix-and-match cash, credit payments and rewards redemptions for financial transactions, airlines will need comprehensive solutions that can detect, prevent and mitigate all types of fraudulent activities that occur in the complicated payments ecosystem.

Follow us on Twitter: @Ai_Connects_Us
 

Ai Editorial: Managing multi-dimensional payments


Airlines need an infrastructure that lets them manage complex payment ecosystems, passenger smart devices and other vendors, writes R
itesh Gupta, Airline Information Correspondent

Airlines today do acknowledge the significance of setting up a converged payment architecture, but at the same time they also intend to refrain from inviting any sort of complexity. More than incurring new expenditure, and handling complexity of system integration that needs to be taken care of with different gateways for different channels, airlines can’t afford to slip up on the customer experience issue.

Gearing up for change

Today an entity has to deal with numerous back-end systems supporting several channels, all of which have to interact seamlessly with multiple consumer devices, and transaction initiation points.

Kristian Gjerding, CEO of Cell Point Mobile, says the challenge for airlines is to extract themselves from the rapid changes and various ways that alternative payment methods (APM’s) are handled within the payments ecosystem. The entire system is rapidly expanding and becoming increasingly complex, and it needs to be put at arm’s length from the airline. “Therefore, the airline industry needs to gear its infrastructure to manage this rapid change and fragmentation, and not rely on any one provider and channel,” he says.

According to Gjerding, the airline needs a buffer in the form of an extraction layer between the external payment methods and consumer e-wallets such as Apple Pay, MasterPass and Google Wallet, and the digital transactions they support.

This extraction layer can orchestrate and integrate how these various payment methods and data sources become available within the airline’s own channels without compromising control, independence and cost of service.

The bottom line is that airlines need to own their own travel ecosystem, says Gjerding.

“They (airlines) pay a premium for every passenger they get, and once they have passengers in that universe, they should be relentless about ensuring that passengers remains, because that’s where loyalty, repeat business, ancillary revenue and all of the other revenue opportunities happen,” emphasizes Gjerding. Airlines need an infrastructure that lets them manage complex payments ecosystems, passenger smart devices and other vendors, and not be managed by them. “If they own and manage the travel universe - and thereby the user journey - then they can make the payment experience secondary to the overall experience with the airline, process payments more cost-effectively, negotiate better rates with payment providers and focus instead on making everything seamless for the passenger. But do to this, they need control of the payments universe,” states Gjerding.

Managing complexity

Airlines need to consider complexity of system integration and handle different gateways for different channels, multiple integrations required into a variety of business systems etc.  Airlines need to take into consideration a couple of issues:

  • As the complexity of the payments ecosystem increases, airlines need to take control of the transaction, and they need the flexibility to add or remove payment service providers, depending on local market conditions, consumer behaviors and the ever-evolving ecosystem. “What they don’t want is an arrangement that land-locks them or gives away control of their external channels to an outside vendor. If they do it will drive up cost and reduce competitiveness,” says Gjerding.
  • Secondly, airlines need external fraud solutions, as well as an internal last line of defense against fraud and security breaches. They need fraud mitigation and management tools that can look into the systems that are under attack from the inside and can monitor transactions from the inside out, not just from the outside in. If airlines miss one or the other, they open themselves to vulnerability, stresses Gjerding.

And as end-to-end digital commerce shopping becomes a reality, airlines need to not only orchestrate, translate and manage the complex external payments ecosystem but also manage all of the rest of the internal travel-related activities that occur – the issuing of boarding cards, ticketing, and ancillary revenue – anything that is going to be serviced through self-service channels as well as call centers.

  • Airlines also need to cope up with associated costs for mobile payments, e-wallets etc. The cost of adding these can be pretty high just from an implementation point of view. “Airlines are often forced to adapt their systems to support various payment forms and the ways the payment service provider’s deal with them; this also goes for consumer digital wallets. However, the cost of adding new payment methods might be punitive, because the airline might not have a high enough volume of transactions to justify the cost,” says Gjerding. He says airlines  need an extraction layer that can orchestrate new payments methods, reduce time-to-market and reduce the costs of supporting those transactions and methods across the various digital channels including mobile. An extraction layer gives them a competitive edge and more flexibility to handle new forms of payments and to negotiate better rates with vendors and providers as they become less dependent on the payment service providers etc.

Airlines need to relook at their digital commerce infrastructure today to streamline transactions in the multi-channel, multi-device shopping environment.

It’s critical that airlines create a uniform, omni-channel experience. The airline needs a smart infrastructure that can manage the transaction in a way that creates a predictable, recognizable user journey, no matter which channel the passenger chooses, says Gjerding. He adds, “Furthermore, the infrastructure needs to make it easy to continue a transaction if a passenger’s Internet connection dies or the phone line cuts out, without having to start over. The front-end environment also needs the capability to deploy new vendor functions and new payments features simultaneously across channels, maintaining competitiveness and increase passenger satisfaction.”

It’s all about cross-channel seamlessness and un-broken transactions, simplifying the pathway to purchase which is what the digital passenger expects and demands. Getting it right will increase revenues, margin and passenger loyalty.

Follow us on Twitter: @Ai_Connects_Us

Guest Editorial: Payments - best practices for going global



The advent of e-commerce has significantly broken down trade frontiers making cross-border e-commerce, wherein consumers buy online from merchants located in other countries, easier than it has ever been. It is now possible for any business to rapidly expand internationally, and payments is a key driver of this opportunity. This editorial, provided to Airline Information by Adyen, will share some best practices and opportunites for cross-border payments for the airline & travel industry. 

Best Practice 1: Implement relevant payment methods

The customer journey starts long before setting foot on a plane, and the first best practice is to ensure that the whole customer experience is optimized for local consumers and that each country-specific website enables local consumers to pay with the relevant local payment methods.

Two examples: in China, hundreds of millions of your potential customers prefer to pay with local payment methods such as Alipay or UnionPay. In the Netherlands, around 40% of travel transactions are completed with iDEAL. Without accepting local payments in these two markets, as well as many others, you may lose the opportunity to convert these shoppers into customers.

Best Practice 2: Maximize approval rates

Once the relevant local payment methods have been enabled and the appropriate customer experience has been set up, another best practice is to maximize approval rates in each country, especially for card transactions.

Based on Adyen's data, an analysis was conducted in order to quantify the potential uplift in card approval rates when merchants use a local merchant of record (i.e. a local legal entity) to process transactions for a few key markets.

The research showed that in countries such as Germany, Brazil and the US, a local merchant of record generated an uplift in card approval rates greater than 5%, which is a major impact.

Best Practice 3: Optimize fraud management

Most importantly, merchants need to ensure that their fraud strategy (fraud policy, fraud prevention tools and processes, and human resources involved in fraud analysis and manual reviews) evolves in line with their international expansion. The clear best practice here is to adjust fraud policies and tools to reflect the unique nature of each market, because fraud patterns vary by country.

These are just a few examples of best practices for cross border payments, and how you can benefit from a better understanding of international payment processing. To read all the findings from the Adyen and Edgar, Dunn & Company (EDC) white paper “Cross-Border Payments - Opportunities and Best Practices for Going Global” click here.

To find out more about payment innovation please join us and your fellow industry professionals at the Networking Evening in Amsterdam, hosted by Adyen, on the evening of Thursday 5th of February 2015. You can register for this event by clicking here.

To reach out directly to Adyen, please contact Marcel Koppes at This email address is being protected from spambots. You need JavaScript enabled to view it. or see him at one of the 2015 ATPS events.

Editorials

  • Ai Editorial: Friendly fraud – a battle that still isn’t easy for airlines to cope up with +

    First Published on 17th November, 2017 Ai Editorial: Airlines continue to struggle to avert the danger of friendly fraud. There are new developments, ones related to machine learning and biometric Read More
  • Ai Editorial: Assessing building blocks for becoming a platform-enabled retailer +

    First Published on 14th November, 2017 It is imperative for airlines to be in as many winning digitally connected ecosystems as possible, while protecting their value add. Either you will Read More
  • Ai Video: Is being process-centric really a hindrance to being a retailer? +

    First Published on 7th November, 2017   Operations and safety have always been high on the agenda of those running an airline. In this context, if airlines have rather been Read More
  • 1
  • 2
  • 3
  • 4
  • 5