Rising to the challenge: We’ve prepared for Strong Customer Authentication across all channels

Jean-Christophe Lacour

Head of Merchant Services, Payments, Amadeus

This content is only available in this language.

At Amadeus, we have several hats, we’re a payment facilitator for the travel industry helping airlines, hotels and travel agencies to process over €100B annually, and of course we’re better known for providing technology to the industry with our systems powering direct and indirect sales channels.

As such, it isn’t just our customers and our banking partners that have been preparing for SCA, we are doing everything possible to enable SCA, whilst mitigating its impact on travel commerce. Here are three ways we’ve been tackling the issue to support our clients and banking partners.

Upgrading our own systems  

As an indirect distribution provider our systems handle bookings from a variety of travel providers (airlines, hotels, etc.) and a variety of content types (EDIFACT, NDC, API) and as such we need to ensure that SCA can be applied to indirect sales too. In this scenario, we’ve deployed the 3DS protocol across the Xchange Payments Platform, so SCA can be performed when required. Today, this works using the 3DS 1.0 protocol, which is compliant, but we plan to enable 3DS 2.x to further reduce payment friction for indirect travel with trials of the latest authentication protocol currently underway with our customers.  

Part of making this possible is ensuring our Global Distribution System can pass authentication data back through the chain to the airline. Our system passes data about the success of a payment to the airline via IATAs Billing and Settlement Plan (BSP) in what’s known as a ‘RET file’. IATA very recently updated its ‘Data Interchange Specifications Handbook’ DISH, which governs how RET files must be standardized so that traveler authentication information can now also be provided to airlines, alongside basic payment data. Amadeus’ Global Distribution System is being upgraded to the latest DISH specifications and will be fully ready in line with IATA’s 2019 timeframe. 


Bringing the latest in fraud prevention technology to the industry 

Being able to efficiently and reliably authenticate a customer is all about understanding the payment transaction. If card issuers are to have greater knowledge, and therefore confidence, that a person is who they claim to be then they require more data points with which to work. That’s why we’ve partnered with CyberSource, Visa’s payment management platform to tailor its 3D Secure 2.x solution for use in the travel industry via our Xchange Payment Platform meaning the industry requires only a single integration for all its authentication needs. With this new integration, merchants can exchange more transaction data with issuers whilst powerful fraud solutions can analyse billions of transactions, helping to better identify fraud and reduce false-positives. Ultimately, this solution helps to increase conversion rates whilst supporting the optimum traveler experience. 


Collaborating with our partners and the industry to deliver SCA 

Today, one of the challenges of authenticating the customer for indirect corporate travel bookings is a lack of visibility into the specific context of a payment. The card issuer needs to understand the nature of each transaction, so they can determine if it can be exempt from SCA based on the ‘Secure Corporate Payments’ exemption. Card issuers are currently working with local regulators to gain permission to apply this exemption, from our side we are collaborating with the banks and our customers to devise a new messaging standard. This new message will allow additional contextual information about the nature of each transaction to reach the card issuers e.g. was it made by a lodged card that has previously been subject to SCA. 

Similarly, collaboration is key to the success of rolling out B2B Wallets. Our B2B Wallet solution helps agents pay travel suppliers efficiently and securely, using virtual card technology. Such payments are already protected from fraud as each card is typically only used for a specified single transaction, never-the-less we’re working with our card issuer partners to encourage them to secure local regulatory approval for the Secure Corporate Payment exemption.  


Payments is a team effort and we look forward to continued collaboration right across the payments chain to support the successful roll-out of SCA across the industry.  

Download our guide to prepare your business for Strong Customer Authentication

Download now