De-Mystifying New Approaches to Safer Online and Mobile Payments
Prior to COVID-19, criminal activity focused mainly on card-not-present (CNP) or e-commerce merchants, compared to the physical retail environment. E-commerce has become an even larger target in the present COVID-19 environment, making consumer authentication more critical to combatting fraud. Recognizing the increased risk of this channel, several industry organizations (EMVCo, FIDO and W3C) have been updating their protocols and collaborating to develop technical specifications that address stronger authentication and improve online purchase experiences. EMVCo focuses on the card payments industry, and W3C focuses on standards to ensure the growth of the web. FIDO’s focus is broader than payments and develops standards and certifications for authenticators that are hardware-, mobile-, and biometrics-based, shifting the industry away from usernames and passwords. Other solutions, such as digital wallets, also address online authentication and enhancing the consumer experience, but are not specifically addressed in this whitepaper.
In 2019, the Mobile Payments Industry Workgroup (MPIW) formed a subgroup to gather information about these specifications, explain how they relate to one another, understand industry perspectives, and educate industry stakeholders to help them make informed decisions about how to best leverage the specifications to enhance the security and consumer convenience for online and mobile shopping.