Mastercard launches payment service with Passkeys in India
Passkeys for online payments should provide more security and simplify the process. Payments are approved biometrically.
(Image: Bild erstellt mit KI in Bing Image Creator durch heise online / dmk)
Mastercard has announced that it is now launching its Payment Passkey service in India. This should make online payments more convenient and secure, as shoppers will then approve transactions using biometrics.
The pilot project has been launched with the country's largest payment service providers, namely Juspay, Razorpay and PayU, as well as online sellers such as bigbasket and banks such as Axis Bank. This means that millions of consumers can use the new mechanism.
Payment Passkey Service – Passkeys for secure payments
The Mastercard project is apparently the first service of this kind to be launched in practice. Back in May, Visa presented the more secure payment option "Payment Passkey Service" alongside Mastercard. A passkey based on the FIDO standard ensures the "identity of a consumer" "and authorizes online payments via biometrics using a quick scan of the face or fingerprint", explains Visa in a press release. This means that users are authenticated using biometrics on their smartphone and the transaction is authorized directly linked to this. According to Mastercard, this works for "guest orders", the usual online checkout and the so-called "card-on-file checkout" of participating companies.
The process for an online payment involves entering the credit card details and a prompt appears on the smartphone to enable passkeys, usually a fingerprint and occasionally a face. Neither Mastercard nor Visa explicitly mention a PIN. This confirms your identity. At the same time, this also authorizes the payment.
Empfohlener redaktioneller Inhalt
Mit Ihrer Zustimmmung wird hier ein externes YouTube-Video (Google Ireland Limited) geladen.
Ich bin damit einverstanden, dass mir externe Inhalte angezeigt werden. Damit können personenbezogene Daten an Drittplattformen (Google Ireland Limited) übermittelt werden. Mehr dazu in unserer Datenschutzerklärung.
Mastercard also wants to end the entry of credit card numbers by the end of the decade, which fraudsters can otherwise obtain through phishing, for example. Instead, tokens derived from the credit card number are to be created and transmitted using"tokenization".
Credit card data is a frequent target of phishers and other online fraudsters. Better protective measures are therefore very welcome. As passkeys are designed to protect against phishing in particular, extending them to payment transactions is a logical step. We will explain the background in more detail in another article.
(dmk)