Releases

Technology updates from Passenger

Support for the latest bank security features (Strong Customer Authentication)

This release is a significant behind the scenes update for how payments are handled within the mobile apps. 

Whilst there have been some big compliance changes under the hood, there are only a few small changes to how things will work for users. 

When paying for a ticket using a debit or credit card in the app or on websites, for operators with our Web to Mobile eCommerce enabled, users may get a text or app notification from their bank requesting them to authorise the payment. There aren’t any changes to how Apple Pay and Google Pay works for users.

The changes we are releasing mean that our app and web-based ecommerce systems are now fully compliant with the Financial Conduct Authority’s (FCA) new Strong Customer Authentication (SCA) regulations. 

SCA is a new European regulatory requirement recognising the need to authenticate the identity of users during transactions and banking activities in order to:

  • Reduce the cost of processing fraudulent transactions
  • Reduce the potential for online fraud
  • Comply with international regulations
  • Increase cardholder confidence in using online services.

To accept payments and meet SCA requirements, additional authentication has been added to the checkout flow. 

SCA requires the user to authorise the payment by using two of these three methods

  1. Something the user knows (e.g. PIN number or password)
  2. Something the user has with them (e.g. a mobile phone)
  3. Something that physically identifies the user (e.g. fingerprint or face recognition)

When going through the payment process, the user will need to authenticate to authorise the payment. For example, a user’s bank may send a notification to their phone. When the user opens their banking app they will need to log in with a password and then authorise the payment. This satisfies method 1 and 2 above as the user has the phone and they authenticate with their password.

3D Secure 2.0 transaction authorisation screen
Example of an app notification from a users bank
Example of a banking app transaction authorisation screen

There are no changes to Passenger Cloud as part of this update and no changes to the way customer service staff need to handle user transactions. 

If you have any questions at all, please get in touch.