Evaluating network tokens: Are they worth it?Register for webinar ->
Home
Products
Solutions
CustomersPricingDocs
Resources
Log inTalk to an Expert
  1. Customers
  2. Flighthub

FlightHub uses Evervault's 3D-Secure to cut fraud and expand safely

IndustryOnline Travel Agency (OTA)
LocationCanada
Size50 - 200 Employees
SolutionFraud prevention and conversion recovery
Outcomes
  • 33% reduction in fraudulent chargebacks.
  • 73% reduction in friendly fraud chargebacks.
  • Saved ~65 hours of manual reviews each quarter.

Online travel is a high-fraud industry. FlightHub was dealing with significant monthly costs from chargebacks - staff time to process disputes, network fees, and refunds. When Air Canada began requiring 3D-Secure (3DS) in 2024, FlightHub saw a chance to do more than just comply.

Evervault’s 3DS has helped us see our block rate go down, which is great for me. And approvals go up. That's money in our pockets as a company.
Drayton Williams, Director of Fraud Prevention

Like many online travel agencies (OTAs), FlightHub’s payment setup is complex: in some transactions, they’re the merchant of record, in others, it’s the airline or hotel. Theoretically, 3DS should only be applied by the merchant of record to preserve liability shift. But in practice, that rule is rarely enforced. Evervault helped FlightHub navigate the gap between theory and reality to ensure 3DS was applied effectively without adding unnecessary operational friction.

They also needed flexibility around payment timing. In travel, you often want to authenticate a payment immediately but delay processing it until later (to benefit from price fluctuations or consolidate purchases). However, 3DS tokens expire, and so FlightHub needed to factor in the time-sensitivity of 3DS tokens into their authentication strategy.

FlightHub knew they needed a standalone 3DS solution that could work across multiple payment service providers - both current and future ones. They also wanted a partner who could work closely with them on their complex setup. After evaluating their options, they chose Evervault.

How FlightHub’s fraud team uses 3DS

FlightHub's fraud team runs its own machine learning model to assess risk for every booking. With 3DS in place, they developed a two-pronged strategy that's pretty clever.

For transactions their model flags as legitimate, they still want the liability shift that 3DS provides - but they don't want to add friction for good customers. They use a "fail-on-challenge" flow. Essentially, they tell the system: "If this transaction needs a challenge, just fail it outright. Don't make the customer jump through hoops."

This works because Evervault only charges for successful authentications, so failed challenges don't cost FlightHub anything. It's pure upside - they get liability protection when possible, but maintain a smooth experience when 3DS would add friction.

Implementing with Evervault is straightforward: add a fail_on_challenge: true flag to the authentication request. Without this built-in feature, you would have to rebuild part of the orchestration logic yourself, handling interruptions and simulating failed authentications - a complex process that often results in a broken user experience.

Handling uncertain transactions

The other key use case involves what FlightHub calls "ambiguous customers" - transactions where their ML model isn't sure whether to approve or deny. This often happens with new customers or in regions where data quality is poor (missing address verification, incomplete information, etc.).

When you don't have good data on a transaction, it puts fraud teams in a tough spot. They want to approve as many legitimate customers as possible, but they also need to keep fraud low. 3DS gave FlightHub's team a way to handle this balancing act.

Here's how it works: when their model is uncertain about a transaction, they send it through 3DS. If the user passes authentication (especially if they complete a challenge) and no fraud occurs afterward, that's a strong signal the transaction was legitimate. FlightHub collects these outcomes and feeds them back into their ML model as training data.

Over time, their model gets better at handling similar ambiguous transactions.

It's a smart approach - using 3DS not just as a fraud prevention tool, but as a valuable data source to improve their fraud detection over time.

What this means

FlightHub's implementation shows how 3DS can be more than just a compliance checkbox or basic fraud prevention tool. By thinking strategically about when and how to apply authentication, they've turned it into both a revenue protector (through liability shifts) and a revenue driver (by safely approving more legitimate transactions).

The key was finding a solution flexible enough to handle their complex business model while sophisticated enough to support advanced use cases like fail-on-challenge flows and delayed authorization. For a company dealing with the complexities of travel payments across multiple markets and partners, that flexibility made all the difference.

Reduce Fraud. Increase Revenue.

FlightHub reduced fraudulent chargebacks by 33% and saved over 65 hours of manual work each quarter with Evervault’s 3D Secure solution. Ready to see what we can do for your business?

Book a demo