Traveling Still Needs To Be Friction-Free And Secure Under PSD2

The $318 billion European travel market is grappling with the changes PSD2 is bringing to how payments are made and processed within the EU, but its impact goes far beyond payments. PSD2 mandates stronger requirements for fraud and customer authentication, which is putting pressure on travel companies that will now have to balance hefty authentication methods with a seamless customer experience. Consumers booking airline tickets or hotel stays still expect frictionless experiences, regardless of the new regulations.

As PSD2 comes into full effect, businesses in the travel industry will need to change the way they interact with customers. According to a recent PYMNTS interview Jean-Christophe Lacour, head of merchant services for travel payments processor Amadeus Payments, businesses and payment providers alike must focus on that customer experience, as well as security and fraud protections.

“In the past, retailers — not just travel companies — had to make a choice really between frictionless [payments] and security,” Lacour said. “There was always an element of security, of course, but the more security you applied, the more you reduced your conversion rate, and vice versa. The less you applied fraud controls, the more transactions went through — but they could potentially be disputed after the fact.”

This is no longer an option under PSD2, where the safety and security of payments is paramount. Travel organizations need to start interacting with their customers differently if they want to be compliant.

PSD2 and its impact on the travel industry

PSD2 has opened up the flow of data and payments information to third-party players that were previously left in the dark, which, said Lacour, is having quite an effect on travel companies. Merchants are now promoting “cheaper forms of payment,” like real-time bank transfers. Additionally, AISPs and PISPs can now start offering new services or trigger payments to customers under PSD2, and surcharging is now banned on consumer cards.

As these new players come to occupy a larger role in payments, Lacour noted that the travel market should expect “a flurry of new value-added services … and an increase in [retailers offering] lower-cost payment methods, such as bank account transfers.”

It’s currently unclear what effect this will have on the average consumer looking to purchase an airplane ticket.

“It’s difficult to predict how consumers’ payment preferences will evolve based on that,” he admitted. “But what we can see is that the trend, from a consumer standpoint, seems to be towards increasingly more frictionless payments, but not to the detriment of security or protection. We also know that consumers have historically responded well to using certain payment methods if they come with incentives.”

Enabling frictionless payments is thus a key dynamic under PSD2, Lacour said, especially since travel companies bear the burden of securely authenticating consumers.

PSD2 may have originally been geared toward payment innovations, but it is also set to change the ways that customers are verified. Merchants in the travel industry are now complying with strong customer authentication (SCA), which is part of the broader PSD2 regulation.

SCA, frictionless payments and PSD2

With more customers going online or using mobile apps make purchases, the need for SCA is now center-stage for travel companies. These businesses are are already grappling with an increased amount of fraud, but SCA is making fraud protections the norm. For SCA to work, customers need to verify two out three things: something that they have, something they know, or something they are.

“SCA will come into play in September 2019, and the jury’s out to see how it will impact the all-important frictionless [payment] experience that travel providers try to [give] their customers,” Lacour said. “For high-value transactions — €500 and above — you have to apply two-factor authentication, which means that you really have to interact with the customer to make sure that it’s them.”

For the travel industry, it’s likely that customers will hit this high-value ceiling more often than not. Amadeus itself already offers a payment solution that has two-factor authentication enabled, Lacour noted, adding that companies have been attempting to marry frictionless payments with fuller security for years now — the September 2019 deadline simply gives the industry the push it needed.

“The technology now is much better than it [used to be] and really enables a more frictionless payment experience while still ensuring an appropriate level of security,” he said. “That’s really the spirit of SCA for the EU.”

PSD2 and the future of payments

PSD2 is shaping the future of payments in the EU and it’s likely that the regulation will continue to change the way consumers and business interact with each other. In fact, the impact of the directive may not even be limited to Europe.

“PSD2 could expand beyond Europe. … A number of regulators around the world are looking at PSD2 … as a blueprint for similar regulations that could be put into place,” Lacour said. “So that could be another area for travel payments moving forward.”

While regulators around the world debate, security and speed remain the top priority for consumers when it comes to booking a flight, hotel or other retail purchase. Changes to the global payment ecosystem must be made if innovation is going to continue.