MasterCard outlined its vision for online payments beyond passwords, making life simpler for cardholders while increasing security.
The company has been leading the co-creation of a new authentication standard, which when adopted, will be the largest wholesale upgrade to online payment security. It will benefit consumers, banks and merchants alike, with invisible authentication and far fewer prompts for passwords.
By 2018, payments on mobile devices are expected to represent 30% of all online retail [1} sales and therefore the new standard will move security infrastructure beyond the PC era, supporting emerging technologies and changing consumer needs.]
MasterCard’s approach is to utilise richer cardholder data, which will result in far fewer password interruptions at the point of sale. In the event that an authentication challenge is needed, cardholders will be able to identify themselves with the likes of one-time passwords, or fingerprint biometrics, rather than committing static passwords to memory.
Ajay Bhalla, President of Enterprise Security Solutions, MasterCard said: “All of us want a payment experience that is safe as well as simple, not one or the other. We want to identify people for who they are, not what they remember. We have too many passwords to remember and this is creates extra problems for consumers and businesses.”
The new protocol, being co-created with Visa, could be adopted in 2015 and will gradually replace the current 3D Secure protocol. Other steps MasterCard is taking toward a password-free environment include the following; Evolving its SecureCode programme to support the new standard, resulting in a smoother, simpler and safer experience for cardholders. Piloting commercial tests for facial and voice recognition apps to authenticate cardholders. Conducting trials of a wristband which authenticates a cardholder through their unique cardiac rhythm.