- Payment & Fraud Editorials
Date: 30 Nov -0001 Location: Delegates:
-
Ai Editorial: Simplifying the world of cross-border payouts
Ai Editorial: Coming to grips with friendly fraud is like anticipating damage control
Ai’s Editorial: Is travel figuring prominently in “wearable future”?
Guest Editorial: Beating the credit card fraudsters
Ai Editorial: No shortcut when it comes to loyalty fraud
Ai Video: Curbing loyalty fraud with aplomb
Executive Interview: Jerome Seidita, Nok Airlines
Ai Editorial: Managing account takeover fraud – a must in era of personalisation
Striving for a stress-free customer journey
Ai Editorial: Friendly fraud – a battle that still isn’t easy for airlines to cope up with
First published, 6th May 2016
Ai Editorial: Payment options that are emerging as an end-to-end alternative to SWIFT are unsettling old-fashioned ways, writes Ai’s Ritesh Gupta
There are several aspects that need to be scrutinized before any travel e-commerce company can work out timely cross-border payments in an extremely complex global payments environment. If coming to terms with associated total costs is one critical issue, then assessing the sort of support needed from a payment provider and spotting what payment options are suitable for receivers are some of the other equally important aspects.
If we consider the significance of a compliance program, then China is one example that exemplifies intricacies involved in the B2B payments space.
Dealing with peculiarities
For instance, it is being highlighted that due to new Chinese government regulations people in China can’ t receive online credit card payments from an international business account to their personal local bank account anymore. This will affect thousands of single business owners in China, foreigners and Chinese, travel agencies and hotel owners who use PayPal or other foreign payment processors/ providers to accept online deposit and balance payments from foreigners as they can’ t receive their foreign funds from a business account into their personal account here to pay providers, staff, etc.
“Each market presents its own set of regulatory requirements for B2B senders and receivers,” says Nagarajan Rao, SVP, Global Head of Business and Product, Transpay, a B2B/B2P cross-border payments platform.
Rao further explained, “For example, a business sending funds into a country may have only one regulated entity to choose from that can move money into that market. On the receiver side in places like China there is also the likelihood that the business has to have a mandated form to accept cross-border payments, which can be cumbersome approval process to receive. Additionally, countries like Brazil and Russia, require businesses to report every dollar of cross-border payment received. So even though it seems like the world has opened up for business transactions, some of these local regulations and requirements are impediments to business growth.”
Continuing with the example of China, many foreign businesses use Alipay or Tenpay to accept payments from Chinese travellers but what about the other way around?
Rao mentioned that these Chinese acceptance companies have done a great job in creating a strong localized payment industry.
“However when payouts need to be made to foreign entities- travel agents, hotel properties and vendors- these in-country businesses have to rely on antiquated wire system that only a few banks in China offer and pay a high amount in fees for FX. The payouts part to funds flow is the next problem for China to solve.”
Options
As for the sort of international payment products that are available, according to Transpay, the options include:
- eWallets (A virtual account where funds exist. No need to share private account information);
- SWIFT Wire Transfers
- International Prepaid Cards (among most costliest ways to receive money);
- International ACH (banks and 3rd party companies work out a direct deposit service. Funds are transferred to the receiver’s local bank account in local currency through the local clearing systems. Tends to be costly when used in emerging markets).
According to Rao, traditional bank wires, eWallets, and prepaid cards “too often come with hidden fees, lack of transparency and inexcusable lag times that are oftentimes bore by the recipient”. With Transpay, the funds are delivered in local currency within 1-2 days.
Traditionally, travel brands sending cross-border bank transfers have had to rely on the SWIFT wire networks. Oftentimes this means slow transactions and opaque funds flow, as funds have to go through multiple financial institutions to get to the ultimate end recipient. Each stop along this correspondent bank network also comes at high cost, as each financial institution charges a fee for handling the transaction, says Rao.
Payouts are inherently more complex than payment acceptance, as it involves one entity making mass payments to different recipients and bank accounts. With solutions that have their own proprietary bank network, travel brands are able to process payouts locally, reducing the number of financial institutions involved, and ultimately reducing the cost of sending mass payouts.
There is also talk of alternate payment solutions. So how are these offerings capitalizing on cross-border opportunity?
There are several applications for travel companies to utilize alternate payouts. Airlines, for example, need a solution for issuing refunds on cancelled flights or OTAs need a payout option for making commission payments. According to Rao, Transpay’s solutions would complement what’s being done for all outbound payments without the expense that virtual cards and traditional bank wires charge to all parties involved.
What to watch out for
According to Transpay, the focus is now on cross-border payment settlement and strategies for paying international recipients.
“Payouts are the last 100 meters of the payment flow that until recently, have been largely disregarded. It’s very glamourous to talk about the customer payment experience, but at some point businesses need to get the funds to the ultimate provider of the product. There are several trends in travel that are shifting the payment dialogue. A growing movement towards pre-payment for hotel booking for example, as well as a growth in the merchant model in the OTA sector- with more funds needing to move from the OTA to the hotel property- are all factors leading to an increased need on payouts that are economically viable,” said Rao.
Also, entities are drifting from manual and batch payout processing to an embedded user experience.
In travel, branded websites and OTAs have mastered the art of embedding local payment acceptance forms into their customer-facing user experience, said Rao. “However, when these companies need to do payouts to agents, suppliers or individual recipients that experience currently site outside of their platforms. As the industry grows and the need for faster transacting increases, streamlining the payout experience is now front and centre. Having an embedded user experience with an industry grade payment network is the next step forward for businesses to ensure that payment acceptance and payouts go hand in hand,” mentioned Rao.
Also, blockchain technology has the potential to improve the speed, accuracy and accessibility of cross-border payments.
Rao underlined that options that are emerging as an end-to-end alternative to SWIFT are unsettling old-fashioned ways. As the cross-border payouts sector moves on, solutions that are curtailing costs and managing FX gain to stand out.
Follow Ai on Twitter: @Ai_Connects_Us
First published on 17th August, 2016
Ai Editorial: Given the growth in card-not-present transaction volume, airlines need to be proactive to understand what triggers friendly fraud and how to deal with it, writes Ritesh Gupta from Kuala Lumpur
Airlines are constantly looking at ways to minimize the impact of chargebacks and one of the topics keenly discussed during the 5th ATPS Asia Pacific was “friendly fraud”.
Unlike fraud initiated by a criminal, friendly fraud is the case where a “cardholder” claims fraud for a transaction they were involved in. This type of fraud is hard to deal with as the legitimate cardholder uses the card with all of the correct information, and then disputes the same. What works against airlines and merchants is the fact that chargeback dispute procedure doesn’t support them, as banks and credit card organizations tends to seek only a small amount of proof from customers to corroborate a dispute claim.
Speaking here in Kuala Lumpur, Brett Small, Regional Director, APAC – Ethoca, mentioned that friendly fraud refers to “fraud that is committed when an individual had knowledge of and/or was complicit with and/or somehow benefited from the transaction on their own account, although the individual reported the transaction as unauthorized”.
Talking of airlines, Small said in case of airlines, friendly fraud is generally the result of buyer’s remorse, additional charges or fees, disagreement with refund rules, and a transaction that is completed by another party. He also explained the spectrum of behavior – varying from a benign one that generally involves a household/ family member (so may be a traveller is on the check-out page on a device, and someone inadvertently clicks to complete the transaction. So the cardholder was unaware of purchase made by a household member. Or as Small said it could be a simple case of just not recognizing the purchase – descriptor issue, statement is confusing, etc.) to the cardholder deliberately abusing the system with the intent to commit fraud.
Issues for merchants
Friendly fraud is difficult to distinguish from genuine fraud and even harder to prove for merchants:
· Difficult to detect at time of purchase.
· Issuers usually accept a customer’s assertion.
· The chargeback process does not adequately address friendly fraud.
· There is no way of collaborating with issuers.
· High impact to customers and risk of social media damage.
· Time consuming and labour intensive.
Why issuers struggle?
Explaining how issuers comprehend friendly fraud and the way it can be dealt, Small highlighted that friendly fraud is difficult to distinguish from genuine fraud.
· Issuers cannot see what is purchased.
· It may involve a dispute with a merchant that issuers are unaware of.
· Issuers are under pressure internally and from regulators to believe and refund customers.
· Issuers have thousands and sometimes hundreds of thousands of disputes per month.
· Issuers ask customers questions to try and validate disputes and also look for repeat disputers. But, cardholders have learnt how to “use” the system.
Issues being raised, but long way to go
Friendly fraud has raised the overall chargeback level, making acquirers more watchful about accepting risk liability. The industry has been looking at this issue, for instance, Visa last year chose to accept airline-supplied flight manifests as a remedy for fraud payment card chargebacks (when the passenger name matches the cardholder name). As explained by Monica Eaton-Cardone, COO, Chargebacks911, in one of her recent blog posts, initiatives taken such as one taken by Visa are being taken to help fraud-burdened merchants, but still it isn’t a definitive solution. She asserts that savvy consumers continue to exploit loopholes and merchants still report significant losses. She recommends that fraud filters need to work better. Also, merchants need to be sharp enough to understand the buying behavior, and consumers need to understand that their actions have consequences, and that getting involved in friendly fraud is going to have detrimental impact eventually.
More specifically, airlines need to look into booking history and any other internal and external data sources to verify travel. Evaluating customers’ chargeback history can be useful, too.
“There is a need to leverage merchant historical data - card number + device/ IP address for previous orders. Also, make household profiles and link all their devices. On another note, one may call the cardholder when it makes sense. This is based upon transaction amount, customer relationship, evidence etc,” said Small. “Airlines can look at implementing simple, clear refund policies. But, don’t be too easy as the new trend is refund abuse,” cautioned Small.
Other areas that can help:
· Chargeback representments (if evidence exists.)
· Using modified merchant descriptors.
· Making change and refund policies clear in the booking flow and post booking communications.
As it turns out, completely doing away with chargeback fraud isn’t a possibility, though curtailing the risk of such kind of credit card fraud is possible. Airlines have to count on ways to avert the danger of becoming a victim of friendly fraud. Merchant-issuer collaboration is essential and can play a big role in dealing with such malicious behavior.
Follow Ai on Twitter - @Ai_Connects_Us
First Published on 11th August, 2016
Ai Editorial: Wearable adds more touchpoints to every passenger journey, but is anything new, exciting happening? The long-term utility beyond health and notifications isn’t clear, writes Ai’s Ritesh Gupta
Where is wearable technology headed?
It’s a broad question, but there is a reason behind not jumping on to the utility for the travel sector.
The way today’s gadgets are shaping up, we expect them to deliver on multiple counts. So when I use my smartphone and smartwatch (say, paired together the way Apple products are), I expect to press lesser number of tabs (for instance, every time there is an interview scheduled in my email I expect my phone would send me a reminder without me pressing on a calendar tab), send useful notifications (say I have booked a room via an OTA app. On the day of the check-in, when I reach the vicinity of the hotel, I should be guided by my smartphone to reach the hotel) etc. So I am expecting a lot more all the time.
Frankly speaking, the lure of using a smartwatch hasn’t increased and it has failed to go beyond simple notifications. There is buzz that speech recognition and text-to-speech is set to improve, but it remains to be seen what is going to happen next. At this stage, simple experiences like third party apps not working on smartwatches seem to be an issue. When usage of apps doesn’t work it is quite frustrating.
“Smartwatches have limited capability to “keep going” while not connected to their host smartphones. However, we’re now well into “second generation” of wearable systems. The latest versions of Android Wear and upcoming version of Apple Watch now feature more “standalone” functionality. The Pebble has had this over 3 years, however,” says Ireland-based Kevin O’Shaughnessy, founder of Indigo.gt, a search and reservation platform for airport-to-city transfers. “The killer app for the watch so far has been notifications and simple “one-button” actions. These prove quite popular with long-time users. On day-of-travel this can take the stress out of the journey for many frequent flyers. Watch technology also features payments, but only in limited markets. The tap-to-pay, whether by card or devices, makes everyday travel simpler.”
He further added, “We’re now at a watershed moment with the “Wait spinner” on Apple Watch, for example. If Apple doesn’t take urgent measures to make the device more responsive, whether with better software or a new generation of watch, I worry about the long-term utility beyond health and notifications.”
Travel sector
I am not too savvy, but after reading about the role of a smartwatch, it is clear that data is being tracked with the current generation of wearables.
In its list of 10 compelling wearable device experiences over the next two years, Gartner mentioned biometric authentication, mobile health monitoring, virtual personal assistants, smart coaching, virtual and augmented reality, accurate motion recognition etc. The study also added that there is “genuine scope for wearables to create intelligent personalized experiences that really add value”. Overall, in comparison, the travel sector has to catch up. Yes, experts do pick developments such as the Starwood application for Apple Watch (unlocking room door in the hotel by the simple tap of a button) as a positive experience. One can also access stay details, including check-in, checkout and confirmation number, or points. Still it wouldn’t be wrong to say that the travel sector is lagging behind the likes of retail, healthcare and gaming when it comes to the “wearable future”.
“We have yet to see the travel industry tap into the “contextual purchase”,” says O’Shaughnessy.
He says the entire mobile ecosystem has the potential to eliminate the “point of sale” entirely, leaving staff to focus on customer service in retail, for example. “When it comes to notifications and proximity technology, mobile has the potential to reduce the hustle commonly seen at departure gates. With wearable, this can make the experience even more streamlined, and communication more personalised. On a personal note, I’ve yet to board a European flight smoothly with Passbook on my watch,” shared O’Shaughnessy.
What should airlines expect in the future?
I spoke to O’Shaughnessy about specific areas.
Data, analytics and personalisation: Wearable adds more touch-points to every passenger journey. “Airlines that thrive in this space will also thrive in mobile and next-generation web tools. The critical factors are payment technology, and moving toward account or virtual-account based relationships. The connection with loyalty programmes is open too,” shared O’Shaughnessy. Wearables can bank on being more connected to the user’s physical body than any smartphone or mobile device. Let’s see what the travel industry can bring. May be a chatbot via wearables – say that can guide me to a change in terminal at the airport with clear instructions without looking at the screens or booking a table at a particular restaurant with clear instructions about how far the restaurant is from my gate. Just random thoughts about one aspect of our journey.
Risk of data breach: Can my Apple Watch be hacked? There already have been concerns over personal health data being leaked. O’Shaughnessy says so far, this is a marginal risk. As devices become more capable, this may change.
Payments: Behind the scenes, the payment industry is changing entirely; when more banks in more markets adopt tokenization, we’ll see the applications first on mobile, second on wearable. Think about smoother, simpler payments, said O’Shaughnessy. There have been developments where companies like the Swiss watchmaker Swatch are gearing up to let consumers take their watch close to contactless terminals enabled for NFC (near field communication) technology, and avail contactless payment service.
Ancillaries: With more opportunities to sell, more opportunities to capture ancillary revenue opens. This will be powered by inventory but also analytics. Some examples:
· Book your taxi on arrival
· In-flight beverage/catering sales
· Sale of security fast-track passes
· Re-accommodation and flight status updates as a premium service
The IoT (or Internet of Things) future shaped by wearables: Wearables is one aspect of the Mobile or IoT space. As one of the first consumer IoT segments, this will push technology towards “longer battery life” and “better processing power” in order to make products more competitive over time.
Kevin O’Shaughnessy is scheduled to speak at the upcoming 5th Airline & Travel Payments Summit Asia-Pacific. It is scheduled to take place next week (17-18 Aug) in Kuala Lumpur.
Follow Ai on Twitter: @Ai_Connects_Us
Event’s Twitter hashtag: #ATPS
Airlines' plan to show card fraudsters the exit takes off
A quite extraordinary revolution has been taking place in our skies in the last few years. And it's the good guys who are getting the upper hand, writes Ciaran Nagle. International crime has been growing rapidly over the last couple of decades, according to all the research.
And it's no surprise that one of the industries where crime has been accelerating the fastest is one which by its very nature involves much crossing of borders, air travel.
But air travel has attracted not just any old criminal. It's a very particular type of law-breaker that's decided to pick the pockets of this industry: the credit card fraudster. Credit card fraud is on the rise again after peaking in 2008. Security controls introduced at that time had a very positive effect. But fraudsters are again adapting their methods to the new online environment.
48% Increase in International Card Fraud
What's interesting now is the difference between national and international fraud growth. In Europe, total card fraud is netting criminal gangs €1.5Bn annually. And in the UK alone card fraud against merchants is up 4% to €130m since 2013, according to Financial Fraud Action which is the body co-ordinating the fight against fraud for the UK's financial services industry, Europe's largest. But card fraud from the UK against international merchants is up a massive 48% to €75m! If we take what's happening in the UK as an example of a general trend - and Europol believes it is a general trend - it clearly shows that criminals see huge opportunities outside of their own countries. Clearly, crooks are happy to travel, at least with their fingers.
It's easy to understand why fraudsters have been able to get away with their deceitful habit for so long. Police forces and criminal justice systems tend to be organised along national lines and are focused on domestic problems. International crime only gets attention when it involves terrorism or huge amounts of drugs or money.
So when you have crime that crosses national boundaries involving no violence and only a relatively small amount of money - the price of a plane ticket - it's seen as a thorny problem that's hardly worth solving. Until now.
Just look at the all-too-real complexity of a typical fraud case and you can see why it's such a headache for crime fighters.
Credit card data issued in Country A is stolen and used for a flight booking purchased in Country B for a passenger in Country C booking with an airline based in Country D for a flight with a partner airline in Country E ending in Country F. Add to this that the airline in Country D may use a bank based in Country G.
So where does the crime take place? In which country should the fraudster face charges? And how do you gather evidence from a cross-border crime trail that will be accepted by a national court?
The Beginning of the Fight Back
In the early years of card fraud, airlines looked upon fraud as a minor nuisance, a flea bite. It was easier to refund the occasional airline ticket to an innocent victim than to incur the costs of setting up a department to combat it.
But as instances of card fraud grew it could no longer be ignored. Airlines began to keep records of names and email addresses associated with bad bookings. Analysts were employed to monitor bookings and check a random sample against the bad bookings list.
First published on 3rd August, 2016
When we talk of loyalty fraud, balancing security, revenue optimization and above all no comprise in delivering a desired customer experience is a must, writes Ai’s Ritesh Gupta
Airlines dread the thought of ending up being a victim of loyalty fraud. Be it for costs associated, poor customer experience or reputation taking a beating, any fraudulent activity can prove to be a strenuous act to cope up with.
Loyalty program fraud largely tends to revolve around purchase of points or miles via fraudulent or stolen credit cards, and taking over of loyalty accounts by a cheat/ imposter, who generally redeems the points or miles. Considering the fact that airlines present more earning and redemption options today, mainly via partnerships and rewards ecosystems, this also means that the overall loyalty earning and burning lifecycle has paved way for new means of fraud. As we gear up for Loyalty Fraud Prevention Discussion Group APAC (a complimentary meeting to stop the threat of loyalty fraud), scheduled to take place in Kuala Lumpur (22 August, 2016), we thought of highlighting some of the ways one can mitigate and protect respective programs against this illegitimate exercise.
· Monitor activity: Airlines need to assess the possibility of fraud at the point of transaction, including the purchase or redemption of points or miles. Also, as CyberSource recommends, carriers need to shield accounts in their loyalty programs. One needs to identify fraud at account creation and login, and monitor accounts for suspicious activity. It is recommend that one should assess monitor device information throughout the customer lifecycle, from the account opening to account login and transactional activity.
· Keeping data/ information secure: Customers hate identify theft, so keeping such data secure is a must. Of course, if airlines fail when it comes to custodial responsibility to secure customer information, the trust factor takes a beating. According to a global study (in December 2015) by a digital security specialist Gemalto, around 64% of people surveyed worldwide are unlikely to shop or do business again with a company that had experienced a breach where financial information was stolen, and almost half (49%) had the same opinion when it came to data breaches where personal information was stolen.
· Stringent verification: There is a need to go beyond conventional passwords and PIN based approach. As highlighted by Visa, biometrics offer “the only way to link” a person’s physical identity to his or her digital identity. Biometric authentication features fingerprints, facial recognition to authenticate one’s identity. This is something that cannot be replicated with ease.
· Being savvy with data: Connexions Loyalty asserts that it’s imperative to link data sets with identities, i. e customer loyalty data with customer transactional data, social and digital behavior, demographics etc.
· CX shouldn’t be jeopardized: Any measure taken to prevent fraud shouldn’t jeopardize the customer experience. Stronger collaboration is required, with fraud prevention, IT and marketing interacting regularly to ensure a loyal customer is offered a superlative experience.
· Create awareness: I generally don’t even access my loyalty account till it’s time to redeem an award. Does this give a fraudster a window to act? Airlines need to inform their loyalty program members to be more vigilant, share information about breaches and the significance of setting new password from time to time.
Meticulous approach
Overall, airlines need to look at a meticulous fraud initiative that is fit for particular needs, featuring real-time monitoring method, including analytics, scoring, device data, product based rules, behavioural monitoring, and geographic analysis.
Its time airlines make the most of machine-learning and rules-based systems to combat this malice. Taking a look at the bigger picture, online fraud is a massive issuer. According to an initiative taken by the Europol in June, an international law enforcement operation targeting airline fraudsters resulted in the detention and investigation of 140 individuals found in possession of tickets bought using stolen or fake credit card details. Those arrested during the operation “were also found to be involved in other forms of crimes, including human trafficking, drug trafficking, cybercrime and terrorism”. Talking of rewards fraud detection and prevention, it definitely calls for a long-term plan. Balancing security, revenue optimization and above all no comprise in delivering a desired customer experience is a must.
Ai is scheduled to conduct the Loyalty Fraud Prevention Discussion Group APAC, a complimentary meeting to stop the threat of loyalty fraud, in Kuala Lumpur (22 August, 2016).
Follow Ai on Twitter: @Ai_Connects_Us
Event’s Twitter hashtag: #MegaAPAC
26th August, 2019
#ATPS
Airlines need to proactively monitor their loyal shoppers’ membership accounts since the problem of loyalty fraud is on the rise. If on one hand airlines are offering more earning and redemption choices than ever, it also means that the overall loyalty earning and burning lifecycle has opened new avenues for fraud.
“From a loyalty fraud standpoint, there is a lot of demand (for stolen loyalty currency among the fraudsters or in a marketplace on the dark web),” says Kevin Lee, Trust & Safety Architect, Sift.
This is because over a period of time, prices for such items (stolen credentials, miles, points etc.) even though they fluctuate a bit still they are going up in value. Data breaches are a big issue, and a lot of sensitive information is being sold.
There is a motivated seller out there plus there is a motivated buyer there too to cash in on the stuff, said Lee, who added that airlines or the originators of miles or the loyalty currency tend to suffer a lot in such cases.
A risk-averse mindset for controlling fraud, be it for fraudulent transactions or loyalty fraud, is commonly associated with rule-based systems. Machine learning technologies are emerging as an astute option to secure accounts. The efficacy of machine learning, especially real-time machine learning, can be explored for account protection. Rely on both supervised and unsupervised machine learning to comprehend both the historical patterns of use, as well as identify anomalies.
It is vital to keep a vigil on accounts for anomalies to effectively notice the behavior of genuine and fraudulent customers. Airlines should analyze user behavior throughout the entire journey- including account creation and login, any account activity and also at the point of transaction such as redemption of points.
Our chat with Jerome Seidita, mobile commerce director, Nok Airlines, outlines some of the issues facing airlines for mobile commerce, topics which were discussed and debated at the Airline & Travel Payments Summit (ATPS) Asia-Pacific (Bangkok, 26 - 27 Aug 2015) and will be covered at the 9th Airline & Travel Payments Summit (ATPS) Worldwide (Ft. Worth, 29-30 Oct 2-15)
From A Traveller’s Lens
Every country has its own inimitable challenges when it comes to accepting payment via mobile.
For instance, while some markets are showing signs of making steady progress with contactless ecosystem, there are others that are fairly new to this arena.
Yet airlines are adapting and trying to improve upon the payment experience. For example, Thailand’s Nok Air has carved out a unique offline payment method when their customers book via its mobile channel.
So what is this initiative all about? What is Seidita’s take on 3D Secure, and dealing with regular changes in apps?
Ai’s Ritesh Gupta spoke to Seidita about mobile and payments in detail. Excerpts:
Ai: To what extent is your travel being simplified and how comfortable are you spending via apps?
In my opinion, mobile apps changed the world by simplifying complicated tasks in just few taps. Mobile behavior is different than desktop, users want reactivity, fast processes and simplicity.
For me, amazing and efficient apps are the simplest one. Simplicity in the design, in the quantity of information, in the capacity or remembering past behaviors and information to make processes faster.
The best example for me is the Uber application. It’s amazing how simple it became to order a private car. They know your location, your credit card number and your preferences, you just have to tell them where you want to go even though they probably knew it before you.
When it comes to payment via apps, I feel very comfortable paying for goods and services from my mobile device. But it all depends on the application, if I have to spend more time giving the app my personal / payment information than selecting the product I want to buy, I prefer to use another channel such as web.
Ai: Any anecdote that you would like to share while conceptualizing and designing apps and mobile website for Nok Airlines? What did you learn from that experience?
Nok Air is an innovative airline, we like very much exploring new technologies that would enhance our passengers journey. One of the latest initiatives was to make Nok Air one of the few first airlines to release an Apple Watch application on day one.
When you start designing a new version of an app or mobile website you have to put yourself in the passenger shoes. Take everything that has been done on web and change it to be more simple, logic and fast on mobile.
Few years back we started to work on “Low Fare Search”, a new way for passengers to look for the best fares available in an entire month instead of a single day. This functionality, still available today on our apps, was first implemented on our desktop website and we had to completely reinvent the user experience on our mobile channels.
Desktop website did a great job by giving the user the cheapest flight of every day of the selected month but what if the user wanted to pay a little bit more but choose a flight that was leaving at night instead of the morning? Using a great user interface to cover complex API’s we have been able to create a flight result page that offered both the cheapest flights but also all other available flights accessible with one tap.
What I learned from this project is that when designing apps for mobile devices you can get inspired from what have been created on other channels but you should never offer it exactly the same way. Passengers interact differently on their mobile, they have other expectations.
Ai: What would you term as the toughest aspect of your role? Can you cite examples?
Mobile demand is growing very fast, technologies are changing every year but development is unfortunately not following at the same speed.
Being innovative, offer a secure environment and implement airline requirement at the same time can be challenging for our developers who need to work on many projects, often never done before.
To give a recent example, the Apple Watch app was released in April 2015 and less than 2 months later we learned that there was a complete new environment we could convert our application to. It’s a great improvement but it will require to change what we just finished to built in a very short time.
Another tough aspect is that with Apple and Google in the market, offering amazing user experiences on mobile, people are expecting a lot more from developers than on desktop. If you want your mobile channels to work, you constantly need to plan for the next update and make sure your users are happy with it. Very challenging but we love it here.
Ai: Can you explain what should one look at while preparing for payment options via mobile?
Mobile payment was, as desktop at the beginning, difficult to trust but I believe people are now willing to spend on their mobile devices. We just need to make sure our offer is secure, trustable and offer the best user experience.
At Nok Air we offer a very innovative offline payment method when you book on our mobile channels. You can book your flight and pay in the next 24 hours in 7-11 (supermarket) or any ATMs in Thailand. We also offer credit cards and almost finished to integrate Apple Pay.
For credit cards, we found two solutions that any apps should be looking at, the first is to remember the last credit card number used and the another one is to copy all credit card information from the camera.
Ai: Shopper flow is often compromised at the payment stage by two key failures – a clunky look and feel, and multiple steps to complete the purchase. How to overcome such barriers?
For the clunky look and feel I believe we now have all the tools to create a great design, even when it comes to mobile payment. We just need more creative people. The only issue is when you get to the 3D secure page, as the only ones that can control this page are the banks and still a very few of them are thinking mobile for now.
In my opinion, multiple steps are indeed a real key failure. Apple gave the best example by asking users their fingerprints today, nothing else.
With a seamless payment as Apple, users don’t even feel they are spending their money and don’t need to seat and plan when they are booking. I believe Apple Pay is very promising.
Airlines are looking at selectively applying 3D Secure only to high-risk transactions, based on data customized to the airline. Can you explain how this is shaping in the industry?
Credit card fraud in Thailand is still high and at Nok Air we decided to apply 3D secure to every transaction. We are using a great tool to reduce fraud to the very minimum and it works great so far. If we had to take the same question out of Nok Air specific context I would say that this would be a great improvement as it would decrease number of steps and create a smoother booking experience.
Can you cite few examples where airlines can face challenges with mobile payment?
The only challenge we had to face is the integration of direct debit transactions on mobile. The user has to connect to his bank online platform to accept the transaction but banks are still offering this functionality with non mobile friendly pages and it would deteriorate our user experience. We prefer to concentrate on channels that are ready and innovative.
LinkedIn: https://www.linkedin.com/in/jeromeseidita
Follow Ai on Twitter: @Ai_Connects_Us and Checkout our Events at: www.AiConnects.us
First published on 24th February, 2017
Ai Editorial: Airlines need to move fast to be ahead of the curve and protect themselves against account takeovers, writes Ai’s Ritesh Gupta
The benchmark for completing a digital transaction – the moment when you are about to pay - is one click or swipe.
Of course, in order to deliver one-click checkout experience, travel e-commerce players have to garner personal information, store chosen payment method and keep it secure. This transaction-related information is a vital component of overall account personalisation that businesses are keenly looking at today.
But what needs to be noted is that account takeover is the latest fraud tactic that is troubling merchants, and airlines, too, can be victims as merchants.
Account takeover fraud happens when a fraudster/ hacker misuses a user’s personal details saved with a merchant in order to take control of an existing account. Fraudsters bank on stolen credentials and phishing schemes to hack into or take over legitimate user accounts. They are capable of gaining access to accounts via malware, SQL injection attacks, spyware etc. And this can surely have a detrimental impact on trust and loyalty among valued customers.
Being wary of fraud as account personalisation picks up
As we highlighted in one of our recent articles, account personalisation is on the rise. One area where progress is being made is speedy bookings and swift flight check-ins on airline-owned platforms. Ryanair took an exemplary initiative last year, one related to account personalisation. This way the carrier chose to enable passengers to share their travel preferences by setting up a personal profile, and saving passport details etc. The users can also store their payment information.
So if on one had such initiatives are bound to make trip planning, booking and even servicing simpler, more efficient, then on the other one needs to be wary of the situation where such data related to a user’s account gets stolen.
Data breaches are dreadful, and this trend can also end up in a massive threat for airlines.
It is becoming common for cyber criminals to hack data, and then reuse the list of email addresses and passwords they have obtained on multiple sites. So here is what would happen - when the user account on one airline’s system is breached, hackers will use the exact credentials to take over the same user’s account on the other airlines’ systems as users seldom differentiate their login credentials.
Similarly, a hacker can take over a user account, and if it has loyalty miles, sell the user account credentials on the black market to fraudsters to redeem the miles for tickets.
Identifying suspicious behavior
Account takeover security comes into action from an early stage – keeping a vigil on new account creation and the way these accounts tend to be used. This helps in assessment of risk with certain level of accuracy. In term of prohibiting fraud from happening, a fraudulent activity say a transaction is stopped before it takes place. Here a flexible rules engine highlights a dubious activity based on users’ behaviour and device attributes. As CyberSource states – an organization can then choose to accept, reject, or challenge the users to authenticate themselves – before the event can occur. One can also spot valuable returning customers.
A user’s device and Internet connection information can prove handy in managing such fraud. The device-based customer authentication can add a layer of defence against account takeover. This is important when assessing whether the real account owner is accessing the account or not. A way to do it is via evaluating a cookie associated with the stored payment method. If the same is missing when the payment method is used, then this person can be asked to re-fill the card number or provide verification code. So if a fraudster is trying to skip recognition by masking their IP address or spoofing geolocation, one can verify the real IP address and compare that to the stated IP to detect risky activity.
Recently, when I forgot my Apple ID password, I was asked to share the ID, filled in a code twice, and then could retrieve password via registered email or by filling out answers to questions registered earlier. And eventually guided about how to work out a strong password. But is it enough for account protection? The best answer is to make sure there is enough human expertise within an organization. And do keep an eye on any new stringent way of security. Behavioral analysis is one area that is becoming increasingly sophisticated. Swipes, taps, cursor movements etc. are being analyzed for navigation flow, time spent etc. to understand the behavior. It is also being suggested that behavioral biometrics, which spots patterns in human activities, needs to be looked upon for continuous authentication, and looked beyond the two-factor authentication (2FA) method. So as airlines analyse more and more data (for example, device authentication, device ID, device fingerprinting etc.), fraudsters will struggle to fully to pass off as genuine. These new measures are must as hackers/ fraudsters are working on machines for getting around these security measures.
Are you bold enough to survive in the brave new world? Assess your preparedness at 11th Airline & Travel Payments Summit (ATPS).
Date: 03 May 2017 - 05 May 2017
Location: Berlin, Germany
For information, click here
Follow Ai on Twitter: @Ai_Connects_Us
6th November, 2020
The travel sector is going through its toughest balancing act – staying afloat with less. Every penny has to be meticulously spent, contribute to the much-needed cashflow. And most importantly, every stakeholder is looking to play a bigger role than ever, foraying into unchartered territories to ensure the demand is captured in the best possible manner.
Even as senior travel industry executives, for instance, Travelport’s CEO Greg Webb recommend rapid, accurate testing at airports as a feasible alternative to maintain traveler safety, it is imperative for travel brands to be open and up-dated about every aspect of a trip.
It is not what travel providers usually focus on, even though it is a part of the services they need to provide, acknowledges Manuel Hilty, CEO, Nezasa. “You don’t need to know everything on your own, you just need to build a solid partnership and network of expertise,” he says.
As for what products to offer in order to match expectations of a consumer, Plusgrade 2020 Survey underlined that travelers intend to “travel better” and are showing signs of paying a premium. A seat-blocker is not a “COVID product”, highlighted Pramod Jain, COO, Plusgrade.
New initiatives are coming along - Airasia.com’s travel vertical has been expanded to encompass non-AirAsia flights; Wizz Air’s mobile app has added ground mobility services for both pre-booking and on-demand requests. The airline launched this mobility platform with CarTrawler.
“This emphasis on the customer will help rebuild the travel sector and offer strong foundations on which we can all grow and thrive,” said Aileen McCormack, Chief Commercial Officer at CarTrawler.
First Published on 17th November, 2017
Ai Editorial: Airlines continue to struggle to avert the danger of friendly fraud. There are new developments, ones related to machine learning and biometric authorization, but are they robust enough to protect merchants? probes Ai’s Ritesh Gupta
Criminal Fraud, friendly fraud and merchant error are all major sources of chargebacks. The utility of data and technology in combating various forms of fraud is coming to the fore.
As for friendly fraud, it remains probably the biggest challenge and quite often the significance of an effective fraud mitigation strategy is underlined.
Friendly fraud refers to “fraud that is committed when an individual had knowledge of and/or was complicit with and/or somehow benefited from the transaction on their own account, although the individual reported the transaction as unauthorized”.
This type of fraud is a major issue for merchants as it can be tough to detect at the time of purchase, the chargeback process does not adequately address friendly fraud, and also it is time consuming to fight against the same.
Functioning of the industry
“The predicament (pertaining to friendly fraud) is getting worse,” says a senior executive.
The executive pointed out that the available data is limited. Merchants definitely suffer from industry-wide lack of transparency. Their stance is feeble as there are plenty of factors outside merchants’ control that influence their reluctance to make a more substantial effort. “There is hardly enough information available pertaining to chargebacks and friendly fraud. This means there isn’t a strong foundation to bank on, to comprehend the situation. It’s challenging to amass authentic information on the matter without substantial contribution from banks, card networks, and merchants,” added the executive.
As highlighted by Chargebacks911 in one of the interviews with us, until there is a reason code labelled ‘friendly fraud,’ merchants will forever be engaged in a guessing game—is this claim legitimate or friendly fraud? This uncertainty is what drives merchants’ inaction.
It is also pointed out that issuing banks and card networks decline to divulge critical data or specific numbers on chargebacks such as: dispute win rates. They typically don’t keep the kind of comprehensive records on the subject that would enable a broader view of the matter. Merchants need to blend professional assistance with chargeback management technology specifically designed to identify the true source of the transaction dispute.
One can question policies and regulations set forth for the entire industry. Issuers usually accept a customer’s assertion, and there is hardly any scope in terms of collaborating with issuers. It is clear that ecommerce wouldn’t prevail if card networks and issuers hadn’t taken initiatives to step up the buyer confidence when it comes to payment card use and liability. By abating cardholder’s fears about potential losses tied to fraud, networks and issuers have enabled entities to experience optimum profitability via card-not-present transactions. However, by advertising zero liability, issuers have inadvertently incentivized friendly fraud.
New developments
Airlines tend to be at the receiving end, for example, a cardholder buys airline tickets but intends to change the itinerary at a later stage. This could be due to any reason. Since the traveller doesn’t qualify for a full refund from the airline, the same passenger files a friendly fraud chargeback and points out that buy wasn’t authorized—when in fact, it was. So how to cope up with such cases where airlines suffer? In terms of sophistication, fraud prevention specialists are finding ways to evaluate the behavior of consumers and relying on machine learning for the same.
For instance, Nethone, a data science company, highlights that by identifying distinctive behavioural characteristics of each user, one can craft their digital profile and relate the same with behavioural profiles of previously identified fraudsters. The company, in one of their recent blog posts, stressed that it is viable to discover behaviour demonstrating that someone else than the rightful account owner is logged in, before the transaction is done. And this way merchants can secure transactions by activating a conditional authentication layer. Analysis can be around the purchase log from the past, taking into account the frequency of shopping, their average order value, in case there were any chargeback request previously, too, etc. Also, device fingerprinting, too, can be taken into account whether a given device has previously featured before for a fraudulent transaction. Importantly, Nethone also added that any level of additional authentication or “friction” should be added only where it’s essential and the probability of fraud is high.
The industry is also counting on biometric technology and additional layers of security and authentication.
From friendly fraud perspective, biometric authorization can used as a proof that at a customer did validate a transaction.
But this kind of authorization isn’t a complete solution on its own.
Yes, questioning a chargeback hinges on the merchant’s capacity to establish that the cardholder validated the transaction and that the merchant was in compliance with all applicable regulations. Biometrics can end up being a constructive part of evidence for merchants; the fact that biometrics are intrinsically tough to deceit is sound proof that a cardholder did, in fact, validate a transaction. But, as explained by Chargebacks911, the issue is that policies and standards laid down by the card networks do not keep up with the fast development of consumer authentication technologies. Biometrics can show that a cardholder almost definitely authorized a transaction, but if the card network won’t accept biometric data as evidence, that knowledge is useless.
In many ways, card network regulations are stuck in the past, unable to adapt to the rapidly-changing realities of ecommerce and the payments industry,” points out Chargebacks911’s COO, Monica Eaton-Cardone.
It is pointed out that card networks need to make biometric authorization a cornerstone of the dispute process.
Also, the stance of various stakeholders toward friendly fraud definitely needs to evolve, as much as new technologies can help.
Follow Ai on Twitter - @Ai_Connects_Us