PSD2: Biometrics by Computop allows merchants to takeover
Computop, a payment processor, has announced Biometrics by Computop, its new PSD2 compliant biometric authentication service for online merchants and banks. With Biometrics by Computop, merchants can take over the strong customer authentication (SCA) in order to avoid banks having to run their own two factor authentication during the payment process. Computop’s biometric authentication service complies with the secure FIDO standard (Fast Identity Online) and is suitable for PSD2 compliant strong customer authentication in online retail.
PSD2, Visa and MasterCard all allow customer authentication to be trusted to third parties. Computop Biometrics enables merchants to process the biometric authentication of their customers in advance avoiding the necessity for banks to apply their own two factor authentication (2FA) during the sensitive payment process.
Smartphone users typically opt for safe and convenient biometric authentication using fingerprint, face- or voice recognition. FIDO compliant Biometrics by Computop enables merchants to apply biometric authentication at an early stage in the shopping process when customers are logging into the merchant’s app or online store or during the checkout process. Following this, Computop Biometrics generates a digital signature that can be transmitted to issuers together with other 3D Secure 2.0 data as proof that the merchant has already applied PSD2-compliant strong customer authentication.
Running strong customer authentication in advance allows merchants to avert any problems associated with 2FA during the payment process which helps to improve conversion. Computop is already implementing that process with a number of significant retailers.
“What we are providing with Computop Biometrics is a host of great advantages for retailers. Biometric authentication can be applied to app or shop logins in order to avoid fraudulent account takeovers. This also helps the customer experience, because biometric authentication is so much better than a typical PIN-TAN process,” said Ralf Gladis, CEO at Computop. “For merchants there is increased complexity with the number of different authentication methods used by banks, but if they are able to process strong consumer authentication themselves, the customer journey will be standardised and easier to support. In addition, the whole process is GDPR compliant, and consumers can be confident in knowing that biometric data will never leave their own device. Computop’s solution will verify cryptographic keys but will never touch cryptographic data.”
Computop Biometrics is available as a cloud service for access control, for login procedures and for payment authentication. App developers will be provided with Computop’s Biometrics SDK for iOS and Android. Using biometric authentication for payment authentication will be possible at a later time after the introduction of 3D Secure 2.0 on September 14th.