E-commerce players are undergoing a rather profound regulatory change concerning payments. The Payment Services Directive 2 (PSD2) regulation aims to strengthen the security of transactions. To do so, it institutes as a rule the authentication of transactions, with the renewed and strengthened 3DSecure v2 security protocol.
This regulation has been fully implemented in France for all e-merchants since 15 May 2021.
The tourism and travel sector, however, has been given an exception* for two reasons:
1. Travel and tourism players in particular have suffered from the Covid crisis. This exemption avoids adding further difficulties to the sector during its economic rebound, as lockdowns lift and travel opportunities resume.
2. From a technical standpoint, the security protocol put in place under PSD2, which is 3DS version 2.1., does not fully accommodate all payment use cases in the travel and tourism industry. The protocol will be renewed by the new 3DS version 2.2, which takes much better account of the sector's challenges. At that time, the obligation will be strengthened and applied to all e-merchants. The exact timetable for this implementation is not yet known, with discussions ongoing with various tourism federations.
To be ready in time, some tourism players such as online travel sales site Misterfly are preparing to anticipate the migration:
Watch video with analysis by Matthieu Vermot, Chief Commercial Officer at Dalenys, for Tom Travel: “Payment: Why is the tourism sector exempt from the PSD2 directive?”
To learn more about the regulation and ensure you are prepared in time, download the Ultimate Guide to PSD2 Migration.
*Discussions with the regulator are ongoing but there has been no official communication from them yet.