FB pixel

Passkeys can make online payment authentication easier, but it’s complicated

| Chris Burt
Categories Biometrics News  |  Financial Services  |  Mobile Biometrics
Passkeys can make online payment authentication easier, but it’s complicated
 

If passkeys are adopted for online payments, the technology’s user base could scale rapidly. But payments are complicated, leading the FIDO Alliance to ask a panel at Authenticate 2024; “can we use passkeys to authenticate users in online card transactions”?

Payments were one of the use cases for passkeys that the conference focused on, with a dedicated track on Wednesday afternoon.

The discussion between Jonathan Grossar of Mastercard, Henna Kapur of Visa and Sean Estrada of Stripe was moderated by FIDO Alliance CEO and ED Andrew Shikiar.

The standards and infrastructure, or “rails” that underlie payment technology predate digital transactions, Estrada pointed out at the beginning of the discussion.

Authentication for payments is different than for account access, Shikiar says, and Grossar explained that the difference in risk introduced by the prospect of financial loss sets the bar higher. That means using passkeys as one of several authentication factors, along with device and card ownership.

Passkeys fit with the Strong Customer Authentication (SCA) requirement of Europe’s PSD2, but only in combination with another factor. If the passkey is based on biometrics, a knowledge or possession factor is needed.

PSD3 is coming, too. Kapur suggests that the new regulation may make the use of passkeys in online payments easier. In India, where Mastercard has introduced passkeys, regulations are different. In Southeast Asia and Africa are more different regulations, and many payments are made with QR codes.

Passkeys could also fit into automative payments in the future, with Kapur explained, with the car’s digital system as an acceptance channel and authentication through voice biometrics. The standards and technologies are still being worked out, however.

Ultimately, Grossar says, if passkeys are going to meet the needs of the global payment industry, the standards need to further evolve.

In the meantime, the answer to the question posed to the panel is “yes.”

Related Posts

Article Topics

 |   |   |   |   |   |   | 

Latest Biometrics News

 

Face biometrics use cases outnumbered only by important considerations

With face biometrics now used regularly in many different sectors and areas of life, stakeholders are asking questions about a…

 

Biometric Update Podcast explores identification at scale using browser fingerprinting

“Browser fingerprinting is this idea that modern browsers are so complex.” So says Valentin Vasilyev, Chief Technology Officer of Fingerprint,…

 

Passkeys now pervasive but passwords persist in enterprise authentication

Passkeys are here; now about those passwords. Specifically, passkeys are now prevalent in the enterprise, the FIDO Alliance says, with…

 

Pornhub returns to UK, but only for iOS users who verify age with Apple

In the UK, “wanker” is not typically a term of endearment. However, the case may be different for Pornhub, which…

 

Europol operated ‘shadow’ IT systems without data safeguards: Report

Europol has operated secret data analysis platforms containing large amounts of personal information, such as identity documents, without the security…

 

EU pushes AI Act deadlines for high-risk systems, including biometrics

The EU has reached a provisional agreement on changes to the AI Act that postpone rules on high-risk AI systems,…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Continue Reading

Biometric Market Analysis and Buyer's Guides

Most Viewed This Week

Featured Company

Learn More

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events