Strong Customer Authentication (SCA) has been finally introduced for online payments in the UK, which could lead to a new surge in “virtual” payments for business travel transactions amid fears that some corporate sales could be declined.
SCA makes “two-factor” authentication mandatory for online sales, with those making the purchase required to verify their identity through being sent a unique one-time passcode, alongside their card details. Read BTN Europe’s feature for full details.
The UK’s Financial Conduct Authority had delayed the introduction of SCA enforcement by six months from 14 September 2021 to 14 March 2022 to “ensure minimal disruption to merchants and consumers”. The FCA now expects full SCA compliance for e-commerce payments.
The SCA rules, which stem from the EU’s Payment Services Directive 2 (PSD2), have already been introduced by countries across the EU. Despite Brexit, the UK is largely implementing the requirements of this directive.
This is set to be a challenge for the corporate travel industry with travel arrangers who make online bookings using the traveller’s card facing the problem of the passcode being sent to the traveller’s smartphone or other device.
HotelHub said it expected to see a surge in the use of virtual cards for payments as they are exempt from the new SCA rules. Travel bookers are also likely to move away from using online booking tools and instead call their TMC to make the booking offline.
Eric Meierhans, chief commercial officer of HotelHub, said: “The B2C mechanics of SCA don’t work well in the business travel sector and card providers still need to find a workable solution.
“We believe the business travel industry will see a significant increase in the use of virtual cards, particularly for hotel payments, to overcome the challenges bookers will face if they continue to use the traveller’s individual card.
“SCA is definitely going to push more bookings offline and cause a reverse trend, because until now the corporate’s objective has usually been to drive OBT use for hotel bookings in order to keep transaction fees down.”
Matthew Chapman, chief technical officer at technology firm Vibe, added that SCA could cause particular problems for UK-based TMCs.
“The corporate clients of TMCs often have just one card with sometimes up to hundreds of users – none of whom have access to the mobile phone it might, or might not, be registered to,” he said.
“While some TMCs charge some of the travel supplier payments on account, the prevalence of credit cards is strong. Based on our conversations with UK-based TMCs recently, many are either unaware of this upcoming change or simply have been too busy dealing with Covid crises.”
Clive Wratten, CEO of the Business Travel Association (BTA), said it had been talking to banks, GDSs, online booking tools and payment companies about the potential issues around SCA.
The association has also been organising working groups on PSD2 which have been used to create a set of guidelines for TMCs to follow.
“We’re therefore confident that TMCs have the information available to navigate the introduction of PSD2 with minimal disruption,” added Wratten.
“For the bulk of TMCs’ credit card transactions, PSD2 will not impact on them this year as transactions will be flagged as MOTO (Mail Order Telephone Order) and therefore outside the scope of the regulations.
“During 2022, there will be significant investment from the GDS and OBT providers in upgrading their systems to manage the evolution of PSD2 as it comes into full force in 2023.
“We expect it to be business as normal, as TMCs have been migrating clients away from personal cards to virtual and corporate cards which are exempt from the PSD2 regulations.”