Mastercard Brings Payment Passkey Service to India

Mastercard

Mastercard chose India for the launch of its Payment Passkey Service.

The online checkout security measure comes as India is dealing with a surge in fraud cases, according to a Thursday (Aug. 29) press release.

“Despite the rising popularity of one-time passwords (OTPs) due to their ease of use, they are increasingly vulnerable to online scams such as phishing, SIM swapping and message interception,” the release said. “In India, the incidence of fraud cases has surged by nearly 300% in the last two years, as reported by the Reserve Bank of India’s Annual Report for 2023-2024.”

Payment passkeys can help ease the problem by using device-based biometric authentication methods like fingerprints or facial scans to streamline online shopping, per the release. Mastercard’s service uses tokenization to secure a consumer’s payment details and biometric data, ensuring data is not shared with third parties and is of no use to scammers.

Shoppers choose their Mastercard when checking out as a guest or pick a card already on file with the merchants, according to the release. Customers can confirm payment via biometric authentication mechanism features on their devices. This could be a fingerprint, face scan or PIN. Payments are completed instantly upon authentication.

The development and use of passkeys is arguably one of the most important security stories of the year, PYMNTS wrote in May, following product announcements from Mastercard and Visa that revolved around the technology.

Meanwhile, the PYMNTS Intelligence report “Consumer Authentication Preferences for Online Banking and Transactions” found that consumers want to use passkeys or any authentication tool that doesn’t involve entering a password. Younger generations especially are ready to get rid of passwords in favor of more advanced identity technology, such as biometrics.

“But like most habits, traditional password authentication use is hard to break,” PYMNTS wrote in January. “Fast Identity Online, the global digital password-less authentication standard, has been trying to move away from password authentication for over a decade.”

Mzukisi Rusi of Entersekt told PYMNTS in 2022 that it would take time to uproot the decades-old authentication system.

“As much as we hate it from a security perspective, people still find [passwords] pretty easy,” Rusi said. “They are fairly ubiquitous, and they don’t need any special technology.”