EMVCO CEMV 3D-Secure Travel Industry Message Extension Instructions
- June 3, 2024
- EMVCO
Table of Contents
EMVCO CEMV 3D-Secure Travel Industry Message Extension
FAQS
-
What is the CEMV 3D-Secure (EMV 3DS) Travel Industry Message Extension?
The document describes how travel industry merchants can provide additional travel-related data to issuers for use in risk-decisioning. The document focuses exclusively on e-commerce payment transactions within the travel industry. -
What value does this activity bring to the industry?
Travel industry and airline payments are vulnerable to fraud due to the remote sales environment and high value transactions. According to data from the International Air Travel Association (IATA) 1, are exposed to fraud which is estimated at close to USD1 billion per year.
If travel industry merchants share the supplemental data outlined in the document, issuers can better verify the authenticity of e-commerce transactions using existing systems and without impacting the payment process for the customer.
Issuers can use the additional data as part of a risk-based approach, which promotes frictionless authentications. To view a full list of the data fields, download the EMV 3DS Travel Industry Message Extension. -
Is the EMV 3DS Travel Industry Message Extension consistent with
An EMV 3DS transaction utilises consumer data, transferred securely from merchants to issuers, for the
purposes of evaluating risk to help prevent fraud. Travel merchants and issuers using this data for this purpose are responsible for complying with applicable privacy laws. -
How will the extension be adopted by the travel industry?consumer
The EMV 3DS Travel Industry Message Extension has been designed to exclusively meet the needs of the travel industry to help reduce transaction fraud. Accordingly, EMVCo expects the document to be used by parties to develop and implement EMV 3DS-compliant products and services that support the travel industry in its efforts to improve e-commerce payment authentication.
To learn more about the role EMVCo plays within the payments ecosystem, read its Operating Principles. -
Who has been involved in defining these requirements?
EMVCo has an established Associates Programme that is open to all industry stakeholders. It engages with its Associates to collect industry input to develop and refine its specifications. This serves to solidify EMVCo’s understanding of industry requirements to support global interoperability, security and cardholder authentication.
On this specific document, the EMV 3DS Working Group engaged with EMVCo Associates operating within the travel sector. Current EMVCo Associates Amadeus and IATA provided valuable and extensive input to ensure the data required in the message extension aligned with current systems and best practice. This aims to minimise additional friction during the purchase experience. Input was also received from Expedia, which was previously a participant in the programme.
EMVCo welcomes new participants who are interested in contributing to the EMV 3DS Protocol and Core Specification effort to join its Associates Programme or to become a Subscriber to access advance EMV 3DS information. -
Will EMVCo provide any further updates to the travel sector?
The use of FIDO Authentication data in EMV 3DS messages is the first of a number of use cases that EMVCo and FIDO Alliance have evaluated for collaboration opportunities. Additional future use cases include receiving additional data from FIDO authentications that issuers could cryptographically verify, and using FIDO Authentication as an EMV 3DS challenge method. -
What are the key differences between the EMVCo white paper and FIDO Alliance technical brief?
Yes. The EMV® 3DS Travel Industry Message Extension is available on a royalty- free basis for anyone to download from the EMVCo website.
EMV® is a registered trademark in the U.S. and other countries and an unregistered trademark elsewhere. The EMV trademark is owned by EMVCo, LLC.
©2020 EMVCo, LLC. All rights reserved.