MasterCard has joined forces with an organisation that aims to eliminate consumers' dependency on passwords and PINs for authentication.
The global payment processor planned to become a member of the Fast Identity Online (FIDO) Alliance, which was formed in 2012 by online transaction giant PayPal and a number of other companies to embrace innovative solutions for verifying users' identities.
By early 2014, the FIDO Alliance plans to introduce specifications for an open protocol standard for two-factor and multifactor authentication.
The specifications would support biometric technologies, such as fingerprint scanners, voice and facial recognition, and other authentication measures, including one-time passwords (OTP) and near-field communication (NFC), a wireless technology that establishes communication between mobile devices through physical contact.
In April, Google joined the FIDO Alliance. Now with the addition of MasterCard, the organisation gains another power player in the industry that could give weight to its mission.
"We believe our involvement with the FIDO Alliance, as well as other activities across the industry, will help deliver strong security for consumers, merchants and issuers, as well as a great consumer experience,” MasterCard's chief emerging payments officer Ed McLaughlin said.
Clef CEO Brennen Byrne said MasterCard's participation in FIDO was a positive step.
“The industry in general is looking for new ways to improve [methods] of authenticating,” Byrne said.
“So it's not surprising to me that MasterCard is joining on and taking the FIDO Alliance seriously,” he continued, adding later that “it's good that a major payment provider is involved.”
But other experts have some questions. TeleSign CTO Charles McColgan doubts payment processors, like MasterCard, would “fully rely” on biometric technologies for authentication.
“I think a bank or payment processor wouldn't necessarily fully rely on biometric,” McColgan said, explaining that organisations may opt to incorporate biometric solutions with technology they already use.
“The incorporation of those products will take a lot of time," he said. "[Payment processors] have existing threat models around passwords and PIN technology, but the FIDO Alliance may make it easier for them to use those things,” he said of authentication alternatives.
The company has tested the waters with biometric initiatives before.
In August, MasterCard collaborated with the South African Social Security Agency (SASSA) to issue 10 million debit cards using fingerprint and voice authentication to verify cardholders' identities for welfare disbursements.
FIDO Alliance founding board member Sebastien Taveau said FIDO specifications ensured that payment providers such as MasterCard had choice and control of authentication.
"MasterCard is taking a strong leadership position for the industry to move beyond password and PIN authentication and achieve better authentication that is more secure, private and easy to use.”