Since they were first introduced by SITA in 1984, at Los Angeles International Airport, common-use solutions have made a massive difference to the cost structure and efficiency of airports and airline operations.
However, moves by airlines to offer ancillary services, such as checked baggage and seat upgrades for a fee, created a new set of challenges related to payment acceptance on the common use infrastructure.
As a result, many airlines have had to send passengers to a different revenue desk, where their payment can be processed using a payment terminal dedicated to a single airline. At a time of contactless payments and a tighter focus on meeting customer expectations, as well as a growing array of flexible payment options, not only is this inefficient – it also introduces a barrier to airlines building on the commercial relationship with the passenger.
The problem has long been recognized by the industry, including IATA. For several years, their Common Use Working Group and Simplifying the Business program have been looking for a practical way to resolve the challenges.
Why so elusive?
SITA Portfolio Director David Kershaw explains: “The reason it’s taken so long to find a solution is due to the complexity of multiple airlines sharing a single EMV payment device, a capability that these devices were never intended to perform.
“There are also other difficult and multi-layered issues. For example, airlines required that transactions should be processed to their selected bank, so any solution needed to be multi-bank capable. In addition, with some countries having unique banking regulations, the permutations across the worldwide traveling community requires a flexible solution.”
He adds: “Card payment systems also rely on complex legacy processes involving issuing banks, card associations, acquirers and processors. To add a further twist, laws governing compliance, bank and card regulations, regional variations and surcharges, data protection and privacy add to the difficulty.”
There are other complications as well. For example, merchants who do not use EMV (Europay, Mastercard, VISA) chip and PIN card payment devices have the liability for fraudulent and counterfeit transactions transferred to them by the card brands. And airports must ensure that the payment system they provide for the use of airlines conforms with the Payment Card Industry (PCI) Data Security Standard (DSS) requirements.
Not the best solution
“Of course, one solution is for each airline to carry a payment terminal, dedicated to them, each time they use common-use terminals for a couple of hours,” adds Kershaw.
“But this means more things to carry and it’s not a particularly helpful solution for handling agents: they have to remember to take with them the right terminal for the right airline. In short, it’s an analogue response to a fast-evolving technology requirement. In addition, managing their own payment devices at each airport adds further scope for PCI issues for the airline.”
We’ve delivered the first and only payment solution that enables transactions by multiple airlines through a single payment terminal.
David Kershaw, SITA Portfolio Directo
According to Kershaw, the best solution is entirely straightforward, in principle. Have a single piece of hardware on the common-use desk/kiosk or bag-drop unit – a single chip and PIN-enabled payment device that encrypts the data at the point that it’s read and connects through a PCI-compliant data center to multiple merchants to multiple airlines, who can then process the payment and return near-immediate approval.
“That’s what SITA has achieved,” he says. “It’s unique not only in the airline world but in the payment world. SITA AirportConnect Common Use Payment Service is the first and only payment solution that enables transactions by multiple airlines through a single payment terminal.
“Moreover, the solution can be used with any departure control system. When an airline logs into a common-use system, it also logs into its own merchant system, takes payments from customers as needed, and transmits payments to the airlines selected bank or Payment Service Provider.”
This is classic SITA – a shared solution to a shared problem.
David Kershaw, SITA Portfolio Director
Announcing the breakthrough, SITA CEO Barbara Dalibard emphasized at the time the importance of the solution embracing many different industry players.
“This new service, integrated with our SITA AirportConnect platform, allows airlines to accept credit card payments in a common-use environment in line with payment card industry standards.
“Crucially, point-to-point encryption (P2PE) provides a powerful, flexible solution for all stakeholders to ensure the protection of customer data”.
The new solution has been implemented with a major European airline at a leading common-use airport, proving the rigor of the encryption technology for chip, magnetic stripe and contactless card payments.
“This is classic SITA – a shared solution to a shared problem,” concludes Kershaw. “With the service infrastructure hosted in SITA’s own PCI-compliant Data Center, the data is encrypted from the card reader to the receiving Payment Service Provider, making account data unreadable by unauthorized parties.
“It ‘de-values’ account data because it cannot be abused – even if stolen. We’ve also simplified compliance with PCI DSS (Data Security Standard) requirements for airlines and airports by reducing the number of addressable requirements during a PCI security assessment.
“But PCI compliance certification still requires an end-to-end security review by each airline of its own full payment process.”
Initially available for SITA AirportConnect workstations, the service will be rolled out to support SITA’s common-use kiosks and bag-drop stations over the coming months.