Mastercard turns to biometrics for passwordless authentication

As passkey use continues to grow more widespread, Mastercard announces its passkey service, while X also announces passkey support. Android phone users can enable the security key feature on their phones to confirm when they are logging into Chrome.

Mastercard launches biometric authentication via passkeys

Mastercard has launched the Biometric Authentication Service, its passkey offering in line with FIDO standards. The service is designed to replace multi-factor authentication options that are less secure and cause friction.

Mastercard’s service uses the biometric systems already built into users’ phones and laptops. It allows them to use their face or fingerprint to login to their accounts and make purchases more easily. The feature supports all card brands and other forms of payment. Merchants and financial institutions, says Mastercard, can expect to see reduced costs and improved customer experience.

The service could streamline scenarios such as when a customer makes a unique purchase that would typically trigger multi-factor authentication. Instead, the user would authenticate with their face or fingerprint. Merchants could also enable passkeys on all regular purchases to improve security without creating friction.

X announces passkey support

X has announced passkey support, according to TechCrunch. The feature can help combat recent high-profile account hacks, such as when a bad actor hacked the U.S. Securities and Exchange Commission’s X account to share a post claiming the SEC had granted approval for Bitcoin ETFs.

Currently only available on X for iOS, users can set up the passkey feature by logging into the app and navigating through “your account,” “settings and privacy,” “security and account access,” to “security.” Under “additional password protection,” click “passkey,” enter the password, select “add a passkey” and then follow the prompts.

Users can go to the passkey page to delete passkeys as needed.

X removed SMS two-factor authentication for non-paying accounts when Elon Musk took ownership of the app, rebranding it from Twitter

Android users can turn phone into a security key for Chrome

A ZDNet article explains how Android users can turn their phone into a security key for logging on to Chrome browser. With security keys, users attempting to login to Google automatically receive a pop-up on their phone asking to verify the login attempt. The feature only secures the Google account itself. Those who use two-factor authentication for Google products on Android are already using the feature.

To add the security key, users must have the latest version of the Chrome browser and the phone linked to their Google account. Two-factor authentication must also already be set up. Then, open Chrome on the desktop, go to the “Privacy and Security” page in “Settings,” and click “Manage Security Keys.” Users can add PINs for physical security keys in this section, as well.

Open Chrome on mobile and go to myaccount.google.com/security. In the “How you sign in to Google” section tap 2-Step Verification. Then go to the Security Key entry page, tap Add Security Key, select the phone and tap add.

Article Topics

Android  |  biometric authentication  |  biometrics  |  Mastercard  |  passkeys  |  passwordless authentication  |  X (twitter)