Passkeys for Payments
In payments, passkeys can supplement existing payment authentication methods and strengthen the security of e-commerce transactions.
Passkeys are generally considered a password replacement at the point of sign-in, but they can also be implemented for additional use cases where security, speed and convenience are necessary – such as payments.
Payment Scenarios Ideal for Passkeys
When use cases require payments to maintain a secure environment for transaction authorization, Payment Providers can implement passkeys to facilitate a seamless user experience to manage security risks while authorizing the flow of transactions between users and organizations. Ideal scenarios where passkeys for payments are appropriate include the following use cases.
Transaction Authorization
Card Issuers
Card issuers can leverage passkeys for their customers to authorize transactions in 3-D secure authentication flows however they unlock their device – including biometrics, local PIN, etc.:
- Faster and easier for users than sending a code via SMS or email
- More secure than alternatives – based on FIDO protocols, passkeys are always unique and phishing-resistant
- Builds security resilience and compliance readiness
At Checkout
Merchants, PSPs, and
digital wallets
Merchants, digital wallets, and Payment Service Providers (PSPs) can leverage passkeys to authenticate transactions at the point of checkout for delegated authentication:
- Improve the UX of the checkout experience
- Reduce fraud – with FIDO protocols, passkeys provide cryptographic proof of authentication
- Help to comply with regulations