ACCORDING TO AMON AMON COHEN
Kicking off a losing game
Regulations on consumer payment fraud are going to penalise managed travel
S
ITTING ON MY DESK IS THE ANNUAL LETTER in which Yeovil Town Football Club suggests I hand over
several hundred pounds to renew my season ticket. After the season the Glovers (for such is our team’s nickname) have just endured, I struggle to think why, but doubtless I shall, against all reason, sign on the dotted line again. I will spare you the harrowing details of what watching Yeovil has been like recently, but suffice to say I expect my 18-year-old son Max, who has accompanied me to most games since infancy, to launch legal action at any time for inflicting on him a childhood of sustained cruel and unusual punishment. Yeovil are so mediocre we are even bottom of the national hooligan league, with zero arrests and banning orders. I guess that’s because we’re Glovers, not fighters.
RULE CHANGE: THE REPLAY The reason I mention all this is because, right now, it feels like regulators may also fail to learn from experience and sign new rules into law that could royally mess up managed travel processes. We went through this a couple of years ago with the Interchange Fee Regulation, which has effectively put up the cost of using individual pay corporate cards – see the BBT Corporate Cards Supplement 2017 with this issue for more details. This time the culprit is the sequel you have all been waiting
BUYINGBUSINESSTRAVEL.COM
Amon Cohen is a specialist business travel writer,
conference moderator and media trainer.
for: PSD2, properly known as the revised European Payment Services Directive. For the most part PSD2 is necessary and well- planned law-making to regulate consumer payments in our changing digital age. It is intended to open the payments market to much greater competition and therefore, one hopes, innovation. But note, I said the directive is aimed at the consumer – and that’s the catch. The draft regulatory technical standards issued by the European Banking Authority show that, once again, the very different needs and processes of the corporate market have been overlooked or misunderstood. The problem this time is
a requirement that payment transactions where the merchant and customer are not face-to- face must be verified with ‘strong customer authentication’ (SCA). What that means is that typing in all the information on the card is not enough. Some other form of verification is needed, such as biometric identification or inputting a PIN number sent to the customer’s phone. The retail industry complains SCA will deter online consumer sales because shoppers won’t want the hassle of an additional round of security. Perhaps. But what is indisputable is that SCA simply can’t function at a practical level for managed travel, for the simple reason that the booker and the payer are often not the same person. One example
would be a travel management company consultant booking on behalf of a traveller – you can’t text a cardholder PIN code to the consultant. Another would be a traveller booking a flight paid for with a lodge card – aka centrally billed account. The lodge card is in the company’s name, not the traveller’s, so how is SCA supposed to be applied in this case? No one has the foggiest idea.
RED FLAG ON FRAUD RISK Even more galling is that, while SCA is commendably aimed at reducing fraud, levels of fraud in commercial payments, especially lodge cards, are a tiny fraction of what they are in consumer payments. ‘Sledgehammer’ and ‘nuts’ are therefore appropriate words here, the latter as an adjective as well as a noun. Various refinements to the
standards have been suggested to avoid causing serious damage to the way we book corporate travel today. One example would be only requiring SCA for businesses with fraud rates above a certain threshold. Failing that, our industry faces unpalatable options such as adding more manual processes or moving away from using cards, with a consequent loss of management information and many other benefits.
This is a battle that can be won – it is said that although the European Banking Authority is unsympathetic to the unintended consequences of SCA, the European Commission is not – but red flags need to be waved collectively and urgently right now, by the travel industry as well as by card businesses. In fact, to quote Yeovil Town’s stirring, though rarely observed, club motto, we need to Achieve By Unity.
BBT May/June 2017 43
Page 1 |
Page 2 |
Page 3 |
Page 4 |
Page 5 |
Page 6 |
Page 7 |
Page 8 |
Page 9 |
Page 10 |
Page 11 |
Page 12 |
Page 13 |
Page 14 |
Page 15 |
Page 16 |
Page 17 |
Page 18 |
Page 19 |
Page 20 |
Page 21 |
Page 22 |
Page 23 |
Page 24 |
Page 25 |
Page 26 |
Page 27 |
Page 28 |
Page 29 |
Page 30 |
Page 31 |
Page 32 |
Page 33 |
Page 34 |
Page 35 |
Page 36 |
Page 37 |
Page 38 |
Page 39 |
Page 40 |
Page 41 |
Page 42 |
Page 43 |
Page 44 |
Page 45 |
Page 46 |
Page 47 |
Page 48 |
Page 49 |
Page 50 |
Page 51 |
Page 52 |
Page 53 |
Page 54 |
Page 55 |
Page 56 |
Page 57 |
Page 58 |
Page 59 |
Page 60 |
Page 61 |
Page 62 |
Page 63 |
Page 64 |
Page 65 |
Page 66 |
Page 67 |
Page 68 |
Page 69 |
Page 70 |
Page 71 |
Page 72 |
Page 73 |
Page 74 |
Page 75 |
Page 76 |
Page 77 |
Page 78 |
Page 79 |
Page 80 |
Page 81 |
Page 82 |
Page 83 |
Page 84 |
Page 85 |
Page 86 |
Page 87 |
Page 88 |
Page 89 |
Page 90 |
Page 91 |
Page 92 |
Page 93 |
Page 94 |
Page 95 |
Page 96 |
Page 97 |
Page 98 |
Page 99 |
Page 100 |
Page 101 |
Page 102 |
Page 103 |
Page 104 |
Page 105 |
Page 106 |
Page 107 |
Page 108 |
Page 109 |
Page 110 |
Page 111 |
Page 112 |
Page 113 |
Page 114 |
Page 115 |
Page 116 |
Page 117 |
Page 118 |
Page 119 |
Page 120 |
Page 121 |
Page 122 |
Page 123 |
Page 124 |
Page 125 |
Page 126 |
Page 127 |
Page 128 |
Page 129 |
Page 130 |
Page 131 |
Page 132 |
Page 133 |
Page 134 |
Page 135 |
Page 136