Global payments provider MasterCard has said that it is close to launching a new authentication standard, dubbed 3DS 2.0, which it argues will be its largest wholesale upgrade to online payment security.

The second generation of 3DSecure technology will remove the need for consumers to remember verification passwords when making online purchases, replacing the process with the likes of one-time passwords or fingerprint biometrics when necessary. The new technology comes as payments made via mobile phones continue to grow as a percentage of overall retail spend and consumers show an increasing willingness to make online payments on the move. 

MasterCard is working on the new protocol with Visa, and the approach is to utilise richer cardholder data, which it is suggested will result in far fewer password interruptions at the point of sale. It could be adopted as early as 2015, but the second-generation authentication technology looks set to gradually replace the current format, which can have an impact on online retail basket abandonment rates.

Mark McMurtrie, director of Payments Consultancy Ltd, told Essential Retail that the news is positive for all stakeholders in the payments value chain.

"Retailers can expect to see a reduction in today's high basket abandonment rates, whilst maintaining liability protection," he explained.

"Consumers won't need to remember yet another password and have a simplified user experience particularly when buying from their smartphone. Card issuers will be able to reduce the levels of fraud being racked up from eCommerce sales and the payment networks will see CNP fraud losses, which have been rising rapidly recently, brought under control thereby maintaining consumer confidence and profitability."

He added that the only unhappy party will be the criminals, but warned that they are sure to respond by looking for "the next soft spot".

Last month saw MasterCard and Norwegian tech company Zwipe team up to unveil a biometric contactless payment solution for the European market.

Consumers register their fingerprint when signing up for the card, but the biometric information is stored directly on the card, not an external database. Trials have taken place in Oslo, and the two companies are marketing it as a simpler and more secure way to pay for items in a contactless manner.

MasterCard reiterated yesterday that it is piloting commercial tests for facial and voice recognition apps to authenticate cardholders, and conducting trials of a wristband which authenticates a cardholder through their unique cardiac rhythm.

Ajay Bhalla, president of enterprise security solutions at MasterCard, commented: "All of us want a payment experience that is safe as well as simple, not one or the other.

"We want to identify people for who they are, not what they remember. We have too many passwords to remember and this is creates extra problems for consumers and businesses."

Click below for more information: