Solutions
- Airlines
  - Amadeus for Airlines
  - Products
- Airports
  - Amadeus for Airports
  - Products
- Border Authorities
  - Amadeus for Border Authorities
  - Products
- Corporate Travel & Expense
  - Products
  - Capabilities
  - Integrations
    - Travel & Expense Solution for Microsoft Teams
- Travel Sellers
  - Products
  - Content
- Hospitality
- Payments & e-invoicing
  - Outpayce
  - Voxel: B2B Payments and e-Invoicing
- Traveler behavior is changing at every touchpoint.
  
  Explore bold ideas, lead with cutting-edge tech, build powerful partnerships, and contribute to lasting impact.
  Discover more
Support & Training
- Support
- Training
- Already a customer?
  
  Log into Amadeus Service Hub for product news, learning materials, and customer support.
  Login
Partners
- Amadeus Partners
  
  At Amadeus, we value strong partnerships with different players across the travel ecosystem. Gain access to our solutions to develop your portfolio, reach new customers and add to your bottom line.
- Landmark partnership between Amadeus and Google Cloud
  
  Learn how this collaboration strengthens Amadeus' multi-cloud approach and AI innovation to improve efficiency, reliability and growth in travel.
  Read more
Resources
- Trending Topics
- Connected journeys: How will technology transform travel in the next decade?
  
  From AI-driven planning and biometric check-ins to smarter disruption management.
  Read the report
- Six travel trends that will redefine how we travel in 2026 and beyond
  
  Amadeus, in collaboration with Globetrender, unveils the tech, policy and innovation coming to transform the face of travel.
  Discover now
Company
- About Amadeus
  - About us
  - Leadership
  - Awards
  - Locations
- Careers
- Innovation
- Sustainability (ESG)
  
  Learn how we’re working to make travel a force for good.
- Amadeus Global Report 2024
  
  Get an overview of our company in 2024 from a business, financial and sustainability perspective.
  Access report
- Latest financial results
  
  Amadeus published its financial results for Q3 2025.
  View the results

Blog

SCA in travel payments part two: what happens when the travel agent processes the payment?

November 12, 2020

Last updated: December 2, 2020

4 min read

Available in other languages

EN DE

Alessandro Monge

Product Manager, Acceptance Solutions, Payments, Amadeus,

Share it!

We covered some of the background to Strong Customer Authentication in travel distribution as well as the ‘pass through’ model in part one of this series. In today’s blog post we’re examining how authentication works when the travel agency processes the payment as the Merchant of Record.

We covered some of the background to Strong Customer Authentication in travel distribution as well as the ‘pass through’ model inpart one of this series . In today’s blog post we’re examining how authentication works when the travel agency processes the payment as the Merchant of Record.

To be a Merchant of Record means that a travel player, such as a travel agency, is legally authorized to process the payment and therefore assumes responsibility for collecting money from the traveler and performing the SCA check. The Merchant of Record, or travel agency in this case, then makes B2B payment(s) to settle with all the other travel supplier(s) in the chain, such as an airline or hotel. It is the travel agency that manages the payment process directly, rather than each individual travel supplier.

Imagine a traveler is booking a hotel stay from an online travel agency (OTA). After they’ve found the right room, for the right price, they proceed to the payment stage.

Here, we might encounter the concept of a Merchant Initiated Transaction (MIT), for example, the traveler may be paying for the trip in installments or there could be a cancellation fee, so the OTA may need to charge the card again in the future, without the traveler being present. Therefore, if the OTA intends to charge the card without the traveler present (a MIT) it needs to clearly provide terms and conditions at the time of booking, as well as collect proof that the traveler has consented to this agreement.

In this scenario, the OTA conducts an SCA check using a One Time Passcode (OTP) sent to the traveler’s phone to authenticate them as the rightful cardholder. However, unlike the ‘pass-through’ model, the OTA doesn’t handover to the hotel, instead it processes the entire payment itself.

So, once the traveler has passed authentication, the OTA performs payment authorization with its own acquiring bank and so the process of obtaining funds from the traveler’s bank takes place, without the hotel being involved in the process.

Within this authorization process, the OTA should include the new SCA data elements obtained during the SCA check. These include:

Transaction ID (showing it’s an MIT transaction)
Electronic Commerce Indicator (proves SCA was successful)
A cryptogram (proves to the card scheme that the customer’s card can be processed)

Now the OTA has collected payment from the traveler it must settle with the hotel, requiring a B2B payment. Here, there are often advantages*should the OTA use a virtual card product to pay the hotel, given that virtual cards sometimes benefit from the Secure Corporate Payment exemption**provided for under SCA in many jurisdictions. However, it’s important for travel firms to check that issuers and local regulators support this exemption because it isn’t always the case. If the issuer and regulator do support the exemption, then the card issuing bank is able to recognize a virtual card based on the BIN range (the first six digits of the card number) and will be able to apply the Secure Corporate Payment exemption.

If the OTA were to pay the hotel using a traditional consumer card product (assigned to an individual at the OTA) then a further SCA check would need to be performed at this point with that individual. This is one reason why Amadeusadvocates virtual card based supplier payments .

For any on-trip payments, the hotel front desk would need to take details of a card held by the traveler, in order to cover any incidentals like meals or the mini bar as it is impractical for the OTA to handle these payments. For travel companies planning to use the Merchant of Record model, here is a quick checklist:

Travel agents need to provide MIT terms and conditions clearly at time of booking
Ensure new payment data is included in the payment authorization process
Consider upgrading supplier payments to virtual cards to ease the SCA burden when settling with suppliers
Travel suppliers need to ask for the traveler’s card details at check-in to cover any on-trip spend, which are processed as separate payments

When looking to introduce SCA why not downloadour new report to understand readiness levels across the industry and for a concise action plan on how to tackle SCA.

*Virtual Cards are typically created for a single amount, for use with a specific merchant, which means they carry significantly lower fraud exposure than a lodge or consumer card.

**The Secure Corporate Payment exemption recognizes that some payments are inherently more secure because they begin in a secure corporate environment e.g. within secure booking systems that are protected by security procedures and so SCA is not required.

This article was published byThe Paypers , the Netherlands-based leading independent source of news and intelligence for professionals in the global payment community.

Read in full our research report on SCA for travel payments

Download now

TO TOP