There’s one thing that almost everyone can agree on says Mastercard. Passwords are the worst. Passwords are crucial for keeping personal data safe from hackers and fraudsters. But nearly seven out of ten consumers report feeling overwhelmed by the number of passwords they must remember. Moreover, they feel anxious about whether their passwords are strong enough.
Multi-factor authentication can help. Confirming a user’s identity by entering a code sent by text or email can significantly cut down on fraud. It is the equivalent of needing two keys to open a lock instead of just one. As Mastercard observes, it is not a guarantee of total security. And the process and it adds friction to the consumer experience, whether to log on or make a payment.
‘We need to replace the password with the person’
“Roughly 80% of confirmed data breaches are related to weak or stolen passwords,” said Dennis Gamiello, an executive vice president who leads Identity Products and Innovation at Mastercard. “The vulnerability of passwords, including one-time passwords used in multi-factor authentication, only increases as we move to a more digital world. That’s why we need to replace the password with the person. We are working with our partners around the globe to replace passwords once and for all. That is by accelerating the transition to more seamless and secure authentication, including biometrics.”
Biometrics are already transforming digital interactions. Thanks to artificial intelligence and the proliferation of smart devices, biometrics have become a powerful authentication tool — using a unique fingerprint, iris or face to confirm a user’s identity and secure their data.
Mastercard Biometric Authentication Service
Now Mastercard is making it easy for businesses to integrate biometrics when logging into apps or websites and making purchases online with the Mastercard Biometric Authentication Service. This helps resolve the friction and vulnerability that endless passwords and multi-factor authentication prompts can create. It’s a move that not only makes digital experiences more secure, but also easier and faster.
Mastercard has long recognised the need for a new standard for authentication. It joined the tech-industry initiative, the Fast Identity Online, or FIDO, Alliance shortly after its founding in 2012.
How well do you really know your competitors?
Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.
Your download email will arrive shortly
Not ready to buy yet? Download a free sample
We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below formBy GlobalData
FIDO standards create an encrypted key pair, or a passkey, that is stored on a user’s phone. Only biometrics, like fingerprint or face, can unlock that passkey, giving access to the application or website. This makes it just as convenient as it is secure. Passkeys can be used across devices (phone, tablet and laptop, for example), for seamless authentication anywhere.
Mastercard biometrics based on the latest in FIDO Alliance standards
The Mastercard authentication biometrics service has been designed to replace traditional authentication methods. It is making all digital interactions, from logging into favourite apps to buying a pair of boots, seamless and secure.
In some countries, like those in the EU or the UK, multi-factor authentication is required for many online payments. But even in countries without such rules, like the US multi-factor authentication is used to establish trusted online payments.
Tokenisation, the process of protecting a payment credential to ensure it cannot be copied or reused, is another important layer of security for payments. Tokenisation can be used in conjunction with the Mastercard Biometric Authentication Service to secure online purchases.
More than 4 billion smart devices are FIDO passkey ready
“The Mastercard Biometric Authentication Service is extra secure because all of your data stays on your personal device,” Gamiello added. “You don’t have to share any secrets, like your password or answers to security questions. This significantly reduces the risk of hacks or identity theft.”
FIDO passkeys are also highly resistant to phishing because there’s no sharing of passwords or codes. And it’s interoperable, meaning it can work on different devices in different parts of the world. Passkeys are discoverable by browsers or housed within apps for passwordless authentication.
It’s estimated that more than 4 billion smart devices are FIDO passkey ready. That means passkey-based security applications for uses beyond payments, such as opening a new account or app or web login and even open banking are at users’ fingertips. Or in this case, fingerprints.
The Mastercard Biometric Authentication Service is available globally with pilots underway in each region.