4 comments

[ 3.1 ms ] story [ 16.3 ms ] thread
I'm not sure how they expect to save users' credit card details in a way that can be transferred to the airlines. Can't store the CVV code at all, and everything else is supposed to be encrypted.
They can perform a initial auth against the device with the CVV for zero dollars (depending on the interchange network), then from then on perform recurring charges without the CVV at a higher interchange fee. That shouldn't be a problem since airline tickets are higher margin, low volume, purchases.

It mostly comes down to Kayak's business agreements with Visa/Mastercard etc and the airlines involved.

Edit: additionally the article doesn't say it's built yet, so they probably have several road blocks to hit yet. On top of that, they could always ask for CVV when actually making the purchase. Not like you wouldn't have your wallet on you if you have your iPhone

Oh, so you think that Kayak will actually be charging me for the ticket -- that would be easy. I got the impression that Kayak would be storing my credit card details and automatically fill out the appropriate airline's website forms in the background... which would require storing all of my credit card details with reversible encryption.

Also, according to my processor there is no interchange fee difference for using CVV or not. There is a financial incentive for address verification, but not CVV. Maybe this varies by processor.

It certainly varies by processor, CVV is important for card not present transactions.

I think the tone the author of the article took, and the author's understanding of the technology mislead him/her to make it seem that way.