Fraud challenges faced by online travel agents.

Driven by growing consumer desire for convenience, fast access to cheap deals and confidence in ATOL protection, digital travel sales are expected to reach a staggering USD $817 billion by 2020. While growing confidence in Online Travel Agents (OTAs) may be good news for the travel sector, can OTAs themselves have the same level of confidence in their customers?

Within the travel industry, there are unique risks not seen in other e-commerce sectors that need to be mitigated. When comparing the average holiday cost of around $500 per person, before spending money, and the average shopping basket on Amazon in 2016 which was $86, it becomes clear that OTAs are dealing with vastly larger purchases. This poses a greater risk; a single fraudulent transaction can cause far larger implications not only on bottom lines but customer experience and reputation too.

Within e-commerce, providers do not charge customers until their item is shipped. This, of course, carries some risk as the fraudulent activity would not be detected until the item has left the warehouse. However, as goods tend to be shipped quickly, the risk is not carried for long. The scenario for OTAs is unique, customers frequently book holidays far in advance, which means OTAs carry that same risk far longer – in fact, this risk is carried until the day of travel.

This level of risk can pose a serious problem to a business that does not try to mitigate it. OTAs must ensure that their payment providers are using rules such as geolocation and behavioural algorithms, as well as whitelists and blacklists to detect and eliminate fraud. Sometimes though, the best option is not the most advanced. In order to check that the person making the purchase is who they say they are, the best option may be to simply contact that customer.

In today’s digital landscape much is made of consumer’s experiences being as slick and convenient as possible. In this case, OTAs need to acknowledge the fact that travel payments are not the same as other e-commerce payments. Additional fraud checks may irritate a customer buying goods like clothing or food online, but they are likely to appreciate any time taken to ensure a large and infrequent purchase such as a holiday booking is not fraudulent.

This is all food for thought as the new PSD2 regulation requires all purchases over €30 to be protected by two-factor authentication. Exceptions to this will exist and many e-retailers will take advantage of these exceptions to ensure their service is as frictionless as possible for their customer. In order for OTAs to create a secure transaction, they may instead want to fully embrace two-factor authentication, welcoming what other sectors may consider an irritant.


SafeCharge Limited is an Electronic Money Institution authorised and regulated by the Central Bank of Cyprus and is a principal member of Mastercard, Visa and Unionpay International (CUP). SafeCharge Financial Services Limited is authorised and regulated by the Financial Conduct Authority as a Payment Institution. Both SafeCharge companies are wholly owned by SafeCharge International Group Limited.