Mastercard

The global payments leader delivers a card-less future to the masses. Focusing on user experience, security and compliance in a global push beyond plastic cards.

Use Case:
Strong Customer Authentication

Deployment:
Multi-Million User Rollout

Mastercard logo

Key Impacts

  • Eliminated Centralized Credentials
  • Secured Card-less Mobile Payments
  • Reduced ATO Fraud
  • Enable PSD2 Compliant Strong Customer Authentication
  • Stopped Credential Reuse Attakcs
  • Enhanced Customer Experience
  • Accelerated Digital Transformation
  • “HYPR’s technology is a smart way to keep critical data where it belongs – close to the consumer.”

    Bob Reany
    Executive Vice President, Mastercard

A Card-Less Future – Today

Mastercard engaged HYPR on its ambitious project to reimagine customer multi-factor authentication with security and usability at the forefront. The global payment giant is leading the way in mobile payment innovation, with an aggressive push for moving beyond the constraints of a plastic credit card. The mobile world presents vast opportunities but also creates new avenues for fraud. As such, the company’s product leadership was focused on achieving best-in-class security and fraud protection that would satisfy the needs of their mobile users and massive ecosystem of banking partners.

A Challenging Use Case
The company’s project came with a mandate for enabling hardware-backed security for high-risk mobile transactions. The requirements stated that payment credentials such as biometrics and PINs be stored at the edge rather than in a centralized repository. In order to securely decentralize, isolate, and encrypt credentials on personal devices, Mastercard wanted to leverage standards-based approach to card-less payments. They would power mobile payments with FIDO Authentication.

Mastercard wanted to achieve maximum levels of interoperability. A key consideration was providing a solution that would not only be deployed across Mastercard products but would be easily consumed by banking partners and their applications. The solution would need to be robust enough to support both B2C and B2B2C use cases.

Finally, it was imperative that customer experience remain flawless, even with the additional security measures. The company’s global footprint came with a very fragmented and diverse device ecosystem. Achieving consistent user experience and device coverage required HYPR and Mastercard to work closely together on a solution that operates independent of device constraints.

Password-less = Card-less
As it turns out, the vision for card-less payments would have a lot in common with passwordless technology. Credit card numbers are like passwords – they can be stolen, shared, lost, or forgotten. It was clear that card-less authentication could benefit from the advances in the authentication space.

As part of the Mastercard deployment, HYPR provided the True Passwordless SDK to be integrated customer applications. The HYPR platform enabled a FIDO-Certified architecture and a fully customizable user interface provided the flexibility necessary for Mastercard’s customer ecosystem. Mastercard’s internal product teams and external banking partners could customize the look and feel of their authentication experience while maintaining best-in-class security.

Leading the Mobile Payments Revolution
HYPR’s Mastercard deployment ensures that all user credentials, biometric information and cryptographic keys are protected by hardware-backed security and always remain safe on mobile devices. This approach renders credential reuse infeasible and dramatically reduces the risk of mobile payment fraud. Mobile users enjoy a fast payment experience while Mastercard and its partner ecosystem benefit from a much more difficult fraud landscape.

The HYPR <> Mastercard integration enables frictionless mobile payments and transaction speeds never before possible with such high security. Deployed together, this solution presented the most advanced mobile payment security innovation since Apple Pay was unveiled.