Fido Alliance is working with EMVCo to provide a new authentication standard for mobile wallet and payments developers, allowing consumers to use certified, on-device biometric verification when making in-store or in-app purchases.
The work will be developed as an extension to the Web Authentication specification already in development by the World Wide Web Consortium (W3C), which offers authentication standards for web browsers and platforms.
With the new specification, the same Fido-compliant devices used to authenticate users on the web will also be able to fulfill payment networks’ Consumer Device Cardholder Verification Method (CDCVM) requirements for mobile payments.
The aim is to enable consumers to use on-device Fido-certified authenticators — such as a fingerprint or ‘selfie’ biometrics — to securely verify their presence when making mobile payments.
Making the announcement at Money2020 in Las Vegas, Fido Alliance says it will reduce the number of times consumers need to authenticate themselves to approve a payment within a given time period.
“Mobile wallet providers and payment application developers need to custom-build support for CDCVM across mobile devices,” says Brett McDowell, executive director of Fido Alliance.
“This is a huge challenge given the fragmentation in the mobile ecosystem. This new specification will enable mobile payment stakeholders to Fido-enable their applications and get the added benefit of built-in support for CDCVM on every FIDO-compliant mobile device.”
Fido Alliance was launched in 2013 as an open security authentication concept to replace passwords with a range of methods such as biometrics.
Some 250 products from global technology leaders are now Fido certified, it revealed last month.