3DS2-F3 Capability in Post-Sale Ancillaries Flow

Owned by Former user (Deleted)
Last updated: Oct 22, 2019

Feature Content

Feature

3DS2 Capability in Post-Sale Ancillaries Flow

Source Epic

3DS Secure Version 2

MVP

No

Problem Statement

NDC transactions when purchasing ancillaries (seats, bags and meals) in post-sale flow are not fully secured as we do not authenticate them according to SCA requirements. Current 3DS1 only supports airline-initiated authentication model using BA’s own PSP and sellers are not able to perform pre-authentication from their end (seller-initiated authentication).

Feature Hypothesis

To offer secure online card payments when purchasing ancillary products in post-sale flow via NDC APIs so that BA is protected against unauthorised and fraudulent transactions and so that BA complies with the PSD2 regulation. 3DS2 in NDC schema also enables seller-initiated authentication using sellers’ PSP.

Acceptance Criteria  

  • Authenticate when a seller self-declares they are an “ONLINE” seller or if they do not specify

  • Authenticate when the card is 3D Secure enrolled/enabled

  • Corporate, virtual and lodged cards are out of scope

  • Authenticate regardless of card type, fare type, journey, product, or IATA/non-IATA agent

  • Accept BSP (cash payments) irrespective of whether a seller is OFFLINE or ONLINE

  • In short-sell, do not guarantee price if the PGTL had already expired by the time a customer completes 3D Secure

  • Issue EMDs only once 3D Secure is completed and information is valid

British Airways welcomes your feedback

As we are looking for engagement for our future improvements, we would appreciate your comments through our Feedback Form.