CONTINUE TO SITE »
or wait 15 seconds

News

FIDO, EMVCo to develop security standard for mobile payments

October 28, 2016

FIDO Alliance, the industry consortium developing open, interoperable authentication standards, will work with EMVCo to add convenience and security to in-store and in-app EMV-compliant mobile payments, according to a press release.

The FIDO Alliance will develop a new technical specification into its FIDO authentication suite to fulfill use cases provided by EMVCo.

The specification will provide a standard for mobile wallet and payment app developers to use in supporting the consumer device cardholder verification method. This will allow consumers to conveniently use on-device FIDO-certified authenticators, such as a fingerprint or selfie biometrics, to securely verify in-store or in-app mobile payment, the release said.
 
The new specification will be developed as an extension to the web authentication specification already in development by the World Wide Web Consortium.

The web authentication specification will define a standard web API to enable web applications to move beyond passwords and offer FIDO strong authentication across all web browsers and related web platform infrastructure.

The same FIDO-compliant devices used to authenticate users on the web will also be able to fulfill payment networks' CDCVM requirements for mobile payment. 
 
Development of the new specification is meant to help mobile wallet providers and payment application developers to greatly simplify the development and support for CDCVM across mobile devices and other platforms.
 
"Today, mobile wallet providers and payment application developers need to custom-build support for CDCVM across mobile devices," said Brett McDowell, executive director of the FIDO Alliance. "This is a huge challenge given the fragmentation in the mobile ecosystem — there are more than a thousand manufacturers for Android alone. This new specification will enable mobile payment stakeholders to FIDO-enable their applications and get the added benefit of built-in support for CDCVM on every FIDO-compliant mobile device."
 
The new FIDO specification will also enhance consumer convenience by providing additional risk management information to mobile payment applications, ultimately reducing the number of times consumers must authenticate themselves in order to approve a payment within a given time period.

For example, when the mobile payment application calls the FIDO authenticator, it can check the last time the user was verified by the authenticator. If that falls within the requirements for CDCVM, the payment will be authorized without any additional interaction with the user.

Related Media

Security
Examining biggest ATM security issues and 4 strategies to prevent them
Security
Banking privacy: 5 benefits for banks, customers
Security
Protecting an ATM's hardware, software by slowing down criminals
On-Demand Webinar
A Masterclass in ATM Security: Global Best Practices and Trends
Presented by Diebold Nixdorf
Recent Posts
Eurasian Bank selects Diebold Nixdorf's self-service software
First National Bank to open 30 branches
Romanian man arrested for alleged cash trapping ATM scheme
Replacing the ATM: Pros and cons of new vs. remanufactured
U.S. Bank resumes crypto custody services


©2025 Networld Media Group, LLC. All rights reserved.
b'S2-NEW'