The advent of e-commerce has significantly broken down trade frontiers making cross-border e-commerce, wherein consumers buy online from merchants located in other countries, easier than it has ever been. It is now possible for any business to rapidly expand internationally, and payments is a key driver of this opportunity. This editorial, provided to Airline Information by Adyen, will share some best practices and opportunites for cross-border payments for the airline & travel industry.
Best Practice 1: Implement relevant payment methods
The customer journey starts long before setting foot on a plane, and the first best practice is to ensure that the whole customer experience is optimized for local consumers and that each country-specific website enables local consumers to pay with the relevant local payment methods.
Two examples: in China, hundreds of millions of your potential customers prefer to pay with local payment methods such as Alipay or UnionPay. In the Netherlands, around 40% of travel transactions are completed with iDEAL. Without accepting local payments in these two markets, as well as many others, you may lose the opportunity to convert these shoppers into customers.
Best Practice 2:Maximize approval rates
Once the relevant local payment methods have been enabled and the appropriate customer experience has been set up, another best practice is to maximize approval rates in each country, especially for card transactions.
Based on Adyen's data, an analysis was conducted in order to quantify the potential uplift in card approval rates when merchants use a local merchant of record (i.e. a local legal entity) to process transactions for a few key markets.
The research showed that in countries such as Germany, Brazil and the US, a local merchant of record generated an uplift in card approval rates greater than 5%, which is a major impact.
Best Practice 3: Optimize fraud management
Most importantly, merchants need to ensure that their fraud strategy (fraud policy, fraud prevention tools and processes, and human resources involved in fraud analysis and manual reviews) evolves in line with their international expansion. The clear best practice here is to adjust fraud policies and tools to reflect the unique nature of each market, because fraud patterns vary by country.
These are just a few examples of best practices for cross border payments, and how you can benefit from a better understanding of international payment processing. To read all the findings from the Adyen and Edgar, Dunn & Company (EDC) white paper “Cross-Border Payments - Opportunities and Best Practices for Going Global” click here.
To find out more about payment innovation please join us and your fellow industry professionals at the Networking Evening in Amsterdam, hosted by Adyen, on the evening of Thursday 5th of February 2015. You can register for this event by clicking here.
To reach out directly to Adyen, please contact Marcel Koppes at marcel.koppes@adyen.com or see him at one of the 2015 ATPS events.
Transavia is a European airline that partnered with Adyen in 2012. Since then, the airline has made great strides in three key areas - optimizing 3D Secure, adding local payment methods, and growing m-commerce.
A particularly interesting part of the relationship for airlines is the implementation of a dynamic approach to 3D Secure.
With Adyen, Transavia is able to identify transactions that are high risk, based on a number of factors, including location, time, day of the week, transaction value, and more, and dynamically introduce 3D Secure only on those transactions.
"Based on a number of transaction values, we define per payment whether or not to implement 3D Secure. This means we can use data to identify high-risk transactions, and consistently adjust our setting to minimize the risk of fraudulent transactions without impacting the customer payment flow,"says Roy Scheerder, Chief Commercial Officer, Transavia Netherlands.
With this groundbreaking approach, Transavia now has fine grain control over which individual transactions it should introduce 3D Secure on, helping the business to increase overall authorization rates without inadvertently approving more fraudulent transaction attempts.
To find out more about how Transavia's partnership with Adyen is helping the business drive results with 3D Secure, local payment methods, and m-commerce, click here.
Airline Information recently ran a webinar with Jumio: How Fraudsters Steal Identities: and how to stop them from booking on your site.Hosted by Jumio's Marketing Director, David Pope, with Airline Information's Michael Smith, this webinar explained the research that went into Jumio's Fraudsters' Playbook white paper. It covered:
The Wi-Fi crack: Savour the smell of freshly roasted coffee The local government census: The fraudster always knocks twice Social media techniques: My virtual friend, the real life fraudster The loyalty discount offer: If it looks too good to be true... The Fraud Forums: Pop to the market and use the retailers’ own data
With the airline & travel industry being one of the largest targets for fraudsters and because this webinar was so entertaining and informative, we wanted to make it available to those who missed it. You can watch the presentation and listen to the webinar below:
Ai Editorial: DDoS or distributed denial of service are damaging for all e-commerce entities, and IoT-based botnets are only adding to the threat of disruption to services, writes Ai’s Ritesh Gupta
Businesses need to gear up for the era of Internet of Things (IoT), make the most of tokenization offering for contextual commerce, realign the flow of work across the business to service customers better…pressure is immense on organizations, including airlines, to evolve and embrace digital disruption.
But an inherent weakness in a technology or devices can result in a cyber assault, and airlines need to be wary of the same.
A prime example is IoT continuously being exploited and used in cyber criminal activity. It is important to assess how to counter concerns such as IoT fuelling future DDoS (distributed denial of service - a host of compromised systems launch an assault on one target, thereby triggering denial of service for users of the targeted system) attacks.
This point is being raised as the number of attacks, the severity of such strikes and even the revelation of vulnerabilities can throttle a move towards change. This is not to discourage what an airline needs to do to embrace digital transformation, but rather prepare for any move in a meticulous manner.
Be it for online banking, retail or travel, e-commerce as a sector has to counter such malicious moves.
Relatively easier to hack now
At a time when passengers expect a real-time answer or action on their feedback, what airlines need to be wary of is a break in any of the touchpoints and tighten their security.
The more devices an airline connects to the Internet, the more exposed this carrier would be to potential attacks.
It is being highlighted that the technical proficiency needed to perform cyber attacks is on the decline. Malware and services such as DDoS are easily acquired on the dark web. Other than DDoS, ransomware on connected watches, fitness trackers and TVs is expected to pose another challenge.
In their recently released report, National Cyber Security Centre (NCSC), the national technical authority for cyber security in the UK, stated that the degree of cyber threat varies from technical skills being “bought” to persistent threats involving custom-built malware designed to compromise specific targets.
Being digital first also means tighter security
If we talk of mobile-first engagement, attacks such as the one reportedly featuring Tesco Bank in the UK (it was reported that either Tesco’s internal systems or their mobile application were breached) put a question mark over the security of mobile apps. There are steps that airlines definitely need to focus on – additional layer of security in the form of biometric recognition or facial recognition, end-to-end encryption, working on mobile app security testing as part of the software development lifecycle etc. As for mobile-related threats, specialists point out organizations need to be wary of elevated permissions to install further malware such as keyloggers which could be used to steal login credentials, SMishing often proving to be more effective than traditional PC phishing campaigns etc.
But even as mobile malware is growing (surely can’t be ignored), it is the IoT that is proving to be a bigger concern. It has expanded the risk to all customer devices becoming compromised or attacked. Poor security practices in connected devices is coming to the fore. With feeble security, IoT devices are resulting in DDoS attacks. Not surprisingly, the list of vulnerable areas now features attacks on building blocks on which the Internet runs.
For instance, the looming threat from the Mirai botnet. This botnet is being monetized today by cyber criminals for a large DDoS. It scan IP addresses across the internet looking for insecure devices. As per the information available, Mirai, a malware infecting vulnerable, connected devices, scans for 68 user name and password mishmash when attempting to infect and control a connected device.
The emergence of botnets means cyber attacks are only getting sophisticated. If we talk of “threat actors”, there is this trend of learning from, hiring and working with one another. Akamai recently highlighted that the largest DDoS attack in their network came from Spike, a malware that has been around for over 24 months. This points to the fact that botnet operators take the emergence of Mirai botnet as a challenge, and try to compete and prove more hazardous with their next attack!
What to consider?
Protecting the disparate components of the IoT ecosystem is vital.
Such devices need to be protected considering that they are operating in a digital environment. Equally important is the security of data transfer featuring the IoT devices and the platform. Data and privacy breaches continue to be on the rise. Also, a secure API platform is must.
Specialists also have been clarifying some of the misconceptions. According to Imperva, a data and application security specialist, even high bandwidth won’t shield a site from concentrated packets-per-second (PPS) and application layer attacks (no amount of bandwidth can guarantee 100 percent uptime), and there in no point in relying on a pre-existing appliance to block an incoming DDoS assault.
E-commerce entities, be it for airlines or online travel agencies, need to look beyond common vulnerabilities such as SQL injections or Local File Inclusions. So be it for working out scalable threat prevention security for any cloud - public, private and hybrid or trained staff or to working out right security architecture as well as documenting all networks with known traffic flows and shielding all disparate components of the IoT ecosystem, a detailed preparation is needed to protect the digital assets.
Ai Editorial:Airlines need to refine their fraud management tactics as well as work closely with travel agencies to reduce chargeback levels. Ai’s Ritesh Gupta learns how
Managing credit card fraud is an ongoing process for airlines, and keeping a tab on fraudulent transactions coming in via travel agencies remains a critical issue.
In fact, airlines list fraud-related issues associated with third party channels as a major challenge till date.
As airlines put smarter tools in place to detect fraud, fraudsters also get smarter; they move from one channel to another until they find the “unprotected front”.
“We already see airlines who can deny a transaction in their call centers if it comes from a customer who has already been rejected on their website,” says Celia Pereiro, Head of Travel Payments at Amadeus. “Airlines should extend this multi-channel approach to an omni-channel one, which includes a single repository for all travel data regardless of the channel.”
And negligence or being ignorant wouldn’t help at all.
“If airlines consider that, in view of IATA Resolution 890, payment fraud committed via a travel agent is not airlines’ concern (those airlines) may be missing the full impact of fraud,” says Pereiro.
She says regardless of who is liable for the cost of the chargeback, airlines, as the merchant of record, are still liable for processing, investigating and resolving the chargeback; moreover, the airline will never recover the bank fees incurred when they processed the payment in the first place.
For its part, Amadeus has developed a solution that will allow airlines to implement a fraud detection mechanism before authorization and ticketing issuance, saving both manual intervention and costs.
Points to consider
Contribution: First of all, airlines should look at the weight of indirect distribution in their overall channel mix. Secondly, they must analyze how big of an impact fraud is on this channel – this is often hard to track for airlines because the information they receive in a chargeback may not include reservation details, says Pereiro. Carriers should also consider the loss of revenue and costs as a result of fraud and the negative impact it may have on the relationship with travel agencies.
Communication: Fraudsters today take advantage of the lack of, or, delayed communication between travel agencies and airlines by making an innocent-looking booking with a travel agency and then calling the airline call centre to change the details of the booking to one which would have been detected by a fraud management system. Airlines and travel agencies should work together and ensure seamless communication to close loopholes such as these, recommends Pereiro.
Reaction time: In case there is a dubious development, the response time and the sort of action that is taken needs to be improved upon. “The lack of automation and the long cycle of a travel agency sale often make it difficult to react quickly,” points out Pereiro. In order to close that gap, airlines need to gear up for real-time visibility of all transactions processed via a payment platform. “This will allow airlines to have not only a single repository of payment and PNR details, but also enable them to easily take corrective actions on bookings, look at statistics and monitor performance,” says Pereiro.
Operational costs: It is a common practice that airlines cancel bookings done by travel agencies due to credit card fraud. The communication between airlines and travel agencies varies from one airline to another however, it usually involves manual intervention. When a booking is cancelled both the customer and travel agent will be able to see the booking as cancelled, says Pereiro. One needs to automate follow-up actions performed based on the fraud check results, helping reduce airlines’ operational costs. “If, after a manual review, the airline decides that the transaction is fraudulent, we automatically void the ticket and cancel the booking, enabling the airline to automate communication with the travel agencies,” shared Pereiro.
Checks on a booking: It is imperative to integrate a fraud check into the GDS booking flow with no impact on the agent’s booking flow. This means that airlines can stop fraud before the ticket has even been issued, reducing the manual effort associated with managing fraudulent bookings. “As we manage the booking, we can use data to contextualise the sale and easily identify good and bad customers at the time of booking,” says Pereiro. There is a fraud screening request before even requesting an authorisation. This is an essential step to save costs by preventing a ticket from being issued when payment is detected as fraudulent.
For bookings that require a further review, airlines can make a decision based on information and either accept or deny that booking. “If an airline decides to deny the booking and the ticket has already been issued, then we’re able to automatically void the ticket, therefore maximising effectiveness and reducing the manual workload,” says Pereiro.
The prevalent situation
Nowadays the earliest airlines can detect fraud is usually after the ticket has been issued, says Pereiro. Today, airlines can have internal processes in place or rely on a third party to screen all bookings coming via the travel agency channel. All this, though, ends up being costly as it involves heavy manual intervention and clearing up to be done when a payment is detected as fraudulent. This is however the best case scenario, says Pereiro.
Most commonly, fraud is detected at settlement time by the airline’s bank, which is then reported to the airline as a chargeback. Then the costs add on, making the ticket cost only one component of the total cost of a fraudulent sale.
The worst case scenario is when airlines take a binary approach to fraud controls; for example blocking transactions from entire countries or regions– rejecting valid transactions as a result. Assuming that the false positive rate is 5%, then even small airlines could be missing out on hundreds of thousands of dollars’ worth of revenue. To be able to realise these savings airlines should consider smarter anti-fraud solutions which uses the traveller data at their disposal to check for indicators that a transaction is fraudulent or not. For example, historical data which shows that a traveller has a history of making similar trips – even on different airlines – would add significantly to the accuracy of fraud checks.
So what happens when an alert surfaces that stops a ticket from being issued when payment is detected as fraudulent?
Pereiro explains: when a transaction is sent to be checked by a fraud management provider, the resulting cases can be one of the following:
Positive – this doesn’t look fraudulent
Maybe – this should be checked
Negative - this looks fraudulent
Fraud management needs to be business rules-driven, meaning that the responses provided will be determined by the score each transaction obtains based on the criteria selected. “In addition, we can help airlines to define their fraud strategy and set the balance between accepting and denying transactions,” shared Pereiro.
With the Amadeus product, in the case of a positive result the ticket is issued; in the case of maybe the ticket is put on hold and the PNR is placed in a queue for manual review, where a negative response triggers stopping the booking before the authorization process and there is no option to issue the ticket; and in the negative case the booking is automatically cancelled.
Follow Ai on Twitter: @Ai_Connects_Us and Checkout our events at:www.AiConnects.us
First Published on 14th December 2016
Ai Editorial: Retail automation, frictionless checkout, invisible payments etc. are developments that are set to redefine shopping. As commerce evolves, airlines, too, need to respond to such exciting initiatives, writes Ai’s Ritesh Gupta
“No line. No checkout.” This is what the retail sector is inching towards.
Being “made to wait” at any stage of shopping, be it offline or online, can be a dampener. So the retail sector is steadfastly doing away with what can be the bane for conversion or the overall shopping experience.
If we go by what Amazon has come up with (Amazon Go is a new kind of store with no checkout required) or even what Panasonic is testing (convenience-store checkout machines that can scan and bag items on their own), then you don’t really worry about waiting for paying. In case of Amazon Go, the company says you never have to wait in line. Consumers can avail the Amazon Go app to enter the store, shop and leave. In case of Panasonic, the system is retailer agnostic, so one won’t necessarily need Amazon credentials or a specific ecosystem, says Apple or Google. This all needs to be considered as the bar for delighting a customer gets raised. Comparison between retail and travel would be inevitable at some stage, as one would expect travel e-commerce to respond too. So if I am moving straight out of a supermarket without having to wait for my turn to pay, then why wouldn’t I expect the same say during any stage of my journey?
Isn’t it relieving when you move out of a cab, say Uber, and all you need to do is focus on luggage rather than paying for the ride? It might not take more than a couple of minutes to pay, but when technology saves your time, we start falling for it. We start expecting it in other areas, too.
Technology – the driving force
Technology is driving automation, and it can overlap for different sectors. For instance, Amazon Go’s checkout-free shopping experience features similar technologies as used in self-driving cars: computer vision, sensor fusion, and deep learning.
The Internet of Things (IoT) is also lending a new dimension to convenience.
So as machines take over and manage certain decisions, say ordering grocery, consumer behavior is likely to alter drastically.
This definitely is going to affect e-commerce merchants, including airlines, across the globe.
As we highlighted in one of our recent articles, IoT thinking and increasingly smartphones are leading to more sophisticated digital wallets and mobile payments – which will lead to personalized mobile wallets or payment technologies with predictive capabilities built in. IoT might extent to other transaction or authentication technologies, and some banks or companies are already experimenting with voice recognition, facial recognition, various kinds of chips, even pulse recognition as the identification-verification step needed for payments.
As for facilitating payments, as Ingenico points out, the IoT payment solution will need an infrastructure based on cloud architecture and connectivity. This would call for standardization in the payments process.
Gap between retail and travel
Despite the unique and inherent attributes that have shaped travel into a silo industry, airlines and OTAs alike are coming to the conclusion that the gap between travel and traditional retail is reducing. This is due in part to the growth of ecommerce and evolutional demands of today’s consumers. As a result, a competitive advantage will be given to those companies that think outside the box when it comes to payment acceptance.
Conversion has always been a hot topic, but with the transformational changes in payments, gaining a competitive advantage takes a lot more than layout and price. Similar to what has transpired with big box e-tailers, the changes in consumer behavior today foretells significant innovation requirements for travel and airlines, as asserted by Chargebacks911’s COO, Monica Eaton-Cardone. In a recent interaction, she pointed out that e-commerce leaders such as Amazon and Apple have pioneered efforts that will forever change the way buyers and sellers view commerce, but even before the hype of today’s frictionless frenzy, payment methods and options were evolving. Loyalty programs advanced to store credit, financing options such as “Bill Me Later” became a popular contender, and a variety of monthly recurring options with the addition of new value add-ons helped curb profit requirements in order to support price wars—which are still going on today.
When it comes to airlines, the breadcrumb trail has already been laid. Loyalty programs offer dwindling promises as airlines are forced to follow the footsteps of other industry pioneers that faced similar issues.
The could be fraud risk with emerging payment options and passengers do worry about security and privacy of their information, especially when it is stored in the cloud or available online databases. The good news is that travel isn’t the first industry to test out these emerging options. Effective management strategies, first designed for the pioneering retail sector, are available and scalable for travel. Solutions are derived from rule-based service policies and intelligent feedback.
As for payments, the real challenge is that each payment method has its own risk factors. It’s necessary to plan accordingly—for each different payment method you accept or new technology you embrace, carefully research any security vulnerabilities, and have a solution in-place to mitigate that risk.
But airlines would need to respond swiftly to emerging developments in the retail sector.
The fact is, today’s customer is a very different consumer than those of the past, and the gap between travel and retail is closing quickly. In order to compete, conversion is king. This means being able to identify your customer’s wants and needs, then serving up options that meet or exceed those expectations.
Ai Editorial: Airlines are counting on machine learning to make decisions designed to optimize sales while keeping fraud and chargeback rates under control, writes Ai’s Ritesh Gupta
How efficiently machine learning is coming to grips with blocking fraudulent transactions automatically? And how does it work?
As I initiate my conversation with Justin Lie, who has built CashShield, a SaaS based self-learning fraud prevention solution for ecommerce, from scratch, I am eager to know how the industry is trying to combat fraudsters.
The first remark is sharp enough to grab attention. “In recent years, online fraud syndicates are increasingly using machines to mask their online transactions as genuine, and they are well ahead in the technology that they are using as compared to what the travel industry is currently deploying. Therefore, it is imperative for companies in the travel sector to move towards using big data and machine learning to deal with fraud more effectively.”
As this tactic has been around for a while, where do cracks emerge then?
Singapore-based Lie, Group CEO, Founder, CashShield, says when we talk of machine learning, it is important to differentiate between the different types of machine learning deployed. Many fraud solutions in the market now tout their use of machine learning, but they are usually only using one form of machine learning – predictive analytics – which allows the solution to predict future fraud based on historical data.
Not just predictive analytics
So this method of fraud prevention is good, but problems arise when completely new transactions with no historical data are submitted into the system, and there is no way for the machine to predict whether or not the transaction is genuine or fraudulent.
“For instance, when a fraudster uses a new program to carry out a fraud attack, there would be no records of the new program, making it difficult for the machine to detect the suspicious behaviour until the fraudulent transactions were accepted and later recorded in the system as fraudulent,” explains Lie.
He says to increase the effectiveness of the fraud system, another form of machine learning must be used as well – pattern recognition.
“With pattern recognition, even without any prior historical data, the machine is able to detect patterns across different transactions and diagnose if the transaction exhibited bot behaviour or human behaviour,” Lie asserts. Using big data, the system collects information from the merchant’s website, such as the user’s web movement behaviour, social media accounts, likes or comments on the website, e-newsletter subscription or alternative payment methods. Combined with pattern recognition, the system draws patterns (for both positive and negative behaviour) to map the DNA profile of the user, and determine if other incoming transactions exhibit the same (fraudulent) behaviour or not. The large quantity of information collected from big data makes it difficult for fraudsters to cover all of their tracks, therefore increasing the effectiveness of preventing fraud.
Apt blend
We also dwelled on what different types of machine learning are there for an apt blend of chargeback protection and fraud prevention.
Lie explained: pattern recognition, deep learning and stochastic optimization are also necessary for combining millions of test results to be crunched for an optimized yes or no decision in real time. “Predictive analytics falls under the branches of supervised learning in machine learning, and is important to predict if a fraudster will use the same attack again in the future. However, other forms of machine learning – unsupervised learning – are also important, especially when new attacks with no previous data happen. Unsupervised machine learning is able to seek patterns and correlation amidst the new data collected, which helps to identify positive and negative behaviour, and is effective in identifying genuine customers as much as identifying fraudsters,” he said.
He further explained: Statistical modelling provides test results, while probability modelling assigns weighting. When we apply this to fraud screening, using probability modelling only gives you a risk score based on the information collected about the transaction. The merchant still has to rely on a team of manual reviewers to look at the risk score and decide whether or not to accept the transaction. The problem here is that fraud officers are often risk averse and their main KPI is to bring the fraud rate as close to zero as possible, which results in many borderline genuine transactions rejected. Consequently, sales suffer tremendously since many genuine customers are turned away. Therefore, it is more useful and effective to rely on an algorithm – what we call an optimized fraud risk management algorithm – to make decisions designed to optimize sales as much as possible while keeping fraud and chargeback rates under control.
Optimized fraud risk algorithm
As for how such algorithm functions, Lie referred to two examples:
· The first example: It is not uncommon for a sibling to use another sibling’s online shopping website account to accumulate more loyalty points easily or for the former to use the latter’s accrued loyalty points for discounts. The problem occurs when the former sibling ends up signing in from a different IP address, uses a different device (different device fingerprint) and pays with a different payment account. Immediately, this will be flagged as suspicious behaviour, as it seems like a fraudster is hacking into the user’s account. However, through identity mapping, powered by machine learning, with the algorithm, the machine is able to use data to identify positive behaviour, rather than focus on all the negative behaviour only to pull this genuine customer away from the pool of flagged transactions.
· The second example: Small signs may be used to point out signs of fraudulent activity, even if they seem insignificant. Perhaps we have a user who, every time he makes a transaction, will be conscious to unselect the field to subscribe to the merchant’s newsletter. However, a fraudster that has hacked into his account has programmed his attack to select the field to subscribe to the merchant’s newsletter. With small signs like this, the machine is able to see how this fraudulent transaction does not match the user’s purchasing pattern of behaviour, and is therefore able to reject this transaction as fraudulent rather than genuine.
A study, by Sift, has shared that fraudsters are moving freely from one fraud type to another. With data breaches, it is easy for hackers and fraudsters to gain additional information and plan other types of fraud beyond payment fraud.
A unified or a blanket approach to dealing with various types of frauds that exist in the e-commerce sector isn't going to work anymore.
The travel e-commerce sector, being a lucrative proposition for fraudsters, remains a prime target. Fraudsters are always looking at new methods to discover an enterprise's vulnerabilities. So travel merchants not only need to be vigilant of the types of fraud but also be prepared to deal with them discretely.
Fraudsters are becoming better at what they do. They are increasingly going after more than one type of fraud. Plus, fraudsters commit fraud in more than one industry. According to an analysis by Sift, fraudsters are moving freely from one fraud type to another.
As for the types of fraud, the list includes payment-related fraud (unauthorized payment transactions, featuring stolen credit cards, debit cards etc.); new account or fake account (created by a fake identity, a fraudster or bot signing up for an account using another person’s real identity/credentials) and account takeover (a genuine user creates an account, and a fraudster later gains access to it and uses it for fraud). Sift also referred to fake content and fraudsters abuse promotions by redeeming coupons multiple times, or by creating fake accounts to redeem additional promotional offers.
Looking beyond payment-related fraud
The latest analysis, based on the team's study of over 34,000 sites and apps in Sift’s customer base, with "data breaches making users’ credentials readily available on the dark web, it’s easy for bad actors to obtain additional information and attempt other types of fraud beyond payment fraud".
Some of the other key findings:
Highlighting the way fraudsters continue to move ahead and pose new threats, the study indicated that various verticals are targeted concurrently. And whether those verticals are connected or not, doesn't matter. While digital e-commerce is the industry most plagued with fraud, fraudsters move fluidly from one industry to another, attempting multiple types of fraud. Fraud is not linear, but rather an interconnected web.
- 78% of fraudsters who start in digital e-commerce are also likely to commit fraud in another industry.
- 86% of fraudsters commit fraud in more than one industry.
In the list of the "fraudiest" industries, the travel sector is at the third spot. The top two sectors are digital e-commerce and physical e-commerce.
With such cross-industry focus of fraudsters, it is must for stakeholders to find out how the culprits find ways to hide or execute malicious tactics. Merchants and fraud prevention specialists acknowledge the significance of the same. For instance, spoofing has become more commonplace. Fraud is more complex than ever, and the only way to battle it out with fraudsters is to comprehend the perpetually evolving fraud landscape.
Keen on exploring fraud prevention and payment-related issues?
Mobile customer experience has a major impact on the conversion rate. Ai Correspondent’s Ritesh Gupta assesses small steps that can help in improving the same
Every minute detail, every second that eventually leads to a transaction via a mobile device is being thoroughly studied by airlines. The level of introspection is getting deeper, owing to the fact that the rate of booking abandonment in the travel e-commerce category is as high as 80%.
So what are key the customer experience-related questions that are being addressed today?
Issues like simplifying data entry, curtailing the time taken or steps toward finishing a transaction, guarantee that the offer is the best possible one (pricing or perceived value being the best) or just ensuring navigation is top-notch take all the attention.
“The most critical issue in the mobile experience today is balancing the efficiency and seamless interaction that customers have come to expect with the security and safety that businesses must provide. Customers abandon transactions for a number of reasons, and if a company’s mobile site or app is plagued with slow load times, a clunky UI, or a labor intensive checkout process, consumers will naturally seek out a competitor who delivers a more convenient and pleasant experience,” says Marc Barach, chief marketing officer at Jumio.
Something as severe as a crash, too, should be avoided.
The most annoying thing is an app crash, especially after a long form is filled in, says Michal Juhas, Asian mobile booking specialist HotelQuickly’s co-founder/ CTO.
“When we were starting with HotelQuickly iOS and Android apps, the team was very small. We faced some production defects every week. But as we grew and set up a proper QA department, we brought the crashes below 0.07%,” shared Juhas.
Brands should look at reducing anxiety and rather building trust at every stage.
Here are some key points that can help in improving upon on these core issues:
Put yourself into a traveller’ shoes: It is vital for any supplier or intermediary to first strengthen the product itself. For instance, if I don’t like to rush all the time, how can an app go beyond last-minute travel booking option. There are apps that are answering such concerns with “tomorrow booking” feature. Also, as Jumio, points out even till date apps and mobile websites don’t embrace initiatives that don’t let customers to think they are actually trying to complete a booking on a relatively smaller screen. So automatically switching between the alphabetical and numerical keyboards based on what data is being typed is something that would not peeve a user.
A customer shouldn’t be made to think during the booking flow. So one should focus on streamlining the process to whatever extent it is possible.
It should be remembered that overloaded apps can be just as bad as under-featured offerings.
Also, a customer can shuffle between devices for one transaction. As Barach says, today with everything on-demand from the cloud, the transaction is independent of the device. Consumers go back and forth between desktop, mobile, and tablet so frequently that businesses have really begun to realize the importance of responsive design and that their experience feels seamless across each device. When optimizing for different devices, it’s really critical to take into consideration what activities your users are most likely undertaking on that platform and put that functionality front and centre, says Barach.
Airlines need to conduct a variety of tests on the checkout funnel, and opt for an apt variation. Is the shortest path always the best one? Airlines need to assess this in detail.
Seek constant improvement: This arena is still a work in progress, so there are new solutions that can take care of concerns like security.
For its part, Jumio recently stated that with its computer vision technology, lastminute.com group’s Bravofly.com app users are now be able to book flights in half-a-minute, six times faster than before.
With Jumio’s BAM Checkout, a customer taps the scan button integrated into a mobile checkout form and holds up their credit card and, optionally, back of driver license to their mobile device’s camera. Their personal information and credit card number are auto populated in seconds, eliminating the need for customers to spend about two minutes typing an average of 75 keystrokes to fill in their name, address and payment data
One final assurance: There is always plenty to learn from the other sectors. I came across a stage where a retailer displayed a particular date rather than number of days after which my order would be delivered. Such message definitely made an impact as I could see myself closer to something I had desired. So travel brands needs to be creative with their images or messages (of course, has to be clutter-free) that can add a tinge of positivity around the transaction.
Payment option: The choice of offering card schemes or alternative payment option needs to be fully localized. For instance, HotelQuickly assesses the most used payment methods and integrates them if that individual payment method is compatible with its business model. “If a larger provider offers several local alternative payment methods, less used payment methods might also be integrated as there is no additional effort required to offer them. We want to bring enjoyable, stress-less last-minute travelling to as many travellers as possible which includes removing credit card payment barriers,” Mario Peng, co-founder and CFO, HotelQuickly mentioned in a previous article.
Don’t forget to address fraud: With near constant news around data breaches and hacks, customers expect their transactions and personal information to be handled with the utmost care, and airlines obviously need to ensure that travellers are not just physically safe, but also data safe.Airlines need to ensure that the person making a transaction is who they claim to be and to do it in a way that adds convenience to the process. Jumio’s offering matches the information on the credit card to that on the driver’s license and Netverify offers Face Match technology that compares the customer’s actual face with the photo on their ID and produces a likelihood-of-match score.
According to Adyen, airlines need to selectively apply 3D Secure only to high-risk transactions, based on data customized to the airline. The way to do this is to dynamically assess and rank a transaction’s risk score on a scale from low to high, and then trigger 3D Secure only for the high-risk transactions. This means airlines can avoid routing genuine customers through 3D Secure, ensure a smoother payment flow, and minimize the potential conversion impact. By making 3D Secure a dynamic part of the payment flow, it becomes an asset rather than a conversion killer.
Juhas says mobile companies need to invest into high quality fraud detection software and build a dedicated team to identify and prevent credit card fraud and voucher misuse.
Never lose sight of overall experience
Even as mobile commerce is key to revenue generation, it shouldn’t be forgotten that airlines need to increase engagement with their apps by understanding that their customers want more than a place to look up flight times or status.
“They (travellers) want the holistic travel experience at their fingertips, from convenient ways to check-in, purchase of travel-related services from in-flight entertainment to seat upgrades and the ability to make additional travel accommodations, like United Airline’s integration of Uber into their app. Likewise, UAL’s integration of Jumio into their mobile boarding pass issuance process delivers greater speed and convenience than the old way of obtaining a pass,” says Barach.
The most important thing for airlines to keep in mind is that travel is more than just the flight itself, it’s the entire experience from start to finish, from booking the trip to arriving back home. The airline’s app has the opportunity to become the consumer’s control panel for the entire experience.
Ai Editorial: Bitcoin, Alipay, convenience store transactions etc. exemplify the diversity in payment methods. And such options call for management of atypical issues, too, says Ai’s Ritesh Gupta
Any sort of improvisation in a payment strategy requires introspection on several counts, be it for evaluating payment complexity, impact on the user experience, ensuring security for that particular sales channel or ability to monitor the fraud chargeback activity.
And today change is inevitable considering the increasing popularity of specific payment options in different markets. Airlines have to adjust as for many it’s a cross-border business.
There are certain market nuances such as prevalence of local domestic payment methods that can drive payment strategy – for example, convenience store payment in some Asian countries. Also, unlike credit card, each of the payment options in Asia has its uniqueness, e.g. transaction limit, availability of refund, chargeback rights etc. It requires airlines to design and implement necessary payment interfaces and processing flows.
Overall, airlines need to look at peculiar issues as they embrace new form of payments. Here we assess a couple of aspects:
Cost analysis
An airline might be running operations smoothly in several markets, but a similar move may result in additional expenditure in a new one.
For instance, in case of China, it’s imperative for travel brands to offer options like Alipay and or let Chinese consumer pay via WeChat.
As per the feedback from specialists pertaining to Alipay, operating in China requires a separate integration cycle and payment acceptance service level than would typically be needed for other regions and markets. “PSPs like Stripe and Braintree provide for a more seamless integration on the backend, however because of regulations in China and Alipay’s market size, it is easier for brands with interests in China to work directly with the payment platform,” shared a source. Importantly in order to integrate a PSP like Alipay, a company based in the U. S. may need dedicate resources and staff for processing and acceptance for the Chinese renminbi.
“While enabling Alipay payments is critical to gain visibility and drive transactions in China, for smaller hotel chains, airlines or OTAs this additional resourcing is a large undertaking that can put a strain on cash flow and carry higher requirements for security against chargebacks. Additionally as Alipay remits payments through SWIFT, OTAs and travel brands will have to plan around payout timetables - which vary from country to country- and the applicable fees,” shared a source. “Another thing travel brands should consider the user experience, as travellers are completing their travel booking or reservations. Several PSPs oftentimes redirect users away from the branded site or app to complete their transactions an experience that travel brands cannot control or manage, which can lead to confusion, or worse, booking abandonment.”
Infrastructure related issues
For airlines, the fact that the process can involve their legacy infrastructure, it only adds up to the work that’s needed to be done.
“One of the key issues faced by airlines is heavy reliance on legacy infrastructure that prohibits them from adapting to the fast changing world of payments. If this is not addressed in a timely manner, airlines can risk becoming uncompetitive and non-relevant,” says Shreyansh Durgesh, Director of Sales and Business Development, Asia Pacific, Bitnet Technologies.
Delving deeper, Durgesh says, “Sometimes it is seen that airlines are unable to or take too long to launch new payment capabilities due to their backend system being too complex to work with new technologies. Lot of airlines have built their functionalities and respective business processes on top on a legacy mainframe application.”
“Most of the time these legacy infrastructure and their limitations determine how payment related processes or functionalities can be changed,” he says. For example, an airline’s DCS (departure control system) may follow certain rules to flag a risky booking based on fraud detection systems for further checks during check-in. But if the fraud detection and legacy platform are not compatible, it can lead to sub-optimal usage of such fraud detections services.
Fraud management
In addition to coping up with the challenge of system integration (each payment method works differently which means that each implementation can be costly and lengthy), another hurdle that comes with the new methods of payment is fraud as fraudsters always evolve to find ways of exploiting weak spots in payment processes and systems. So fraud management should be on top of the agenda for any airline integrating new payment methods.
There is also need to clarify certain points, too. For instance, bitcoin is like digital cash. So is there any way to recover or whom to approach when bitcoin is stolen?
Here it needs to be understood that bitcoin wallet private keys are the only proof of ownership of bitcoins. Once these keys are stolen it is impossible to reclaim ownership of bitcoin, says Durgesh.
“Bitcoin is decentralised protocol and not regulated, hence there is no central authority to turn to in case you lose your bitcoins. There have been number of bitcoin related compromises in past but they are not due to weakness in bitcoin protocol itself and rather due to because of weakness of security system employed or negligence of bitcoin service providers,” he says.
So it is important for consumers to carefully select their bitcoin service provider who has appropriate security system and policies to safeguard consumers’ bitcoins. There are specialists who keep bitcoin stored in secured, geographically separated cold storage as well as insure users against any losses, says Durgesh. Also, as the bitcoin ecosystem continues to grow we will see a lot more innovation in provision of wallet security services.
Being nimble
As the payment ecosystem continues to evolve, airlines need to be nimble. Be it for gearing for EMV liability shift in the U. S. or capitalizing on the popularity of an offering like Alipay in China, there would be changes for merchants. It is of paramount importance to be aware of requisite resources and the level of expenditure required to set up a new method of payment. Plus issues associated with integration with legacy systems, back-end operational systems etc. as well as fraud management, too, need to be scrutinized.
Follow Ai on Twitter: @Ai_Connects_Us and Checkout our events at:www.AiConnects.us
