Paypal adopts Passkeys to secure online payments
Last September, Apple announced the possibility of generating "Passkeys" with its various devices, i.e. cryptographic keys that allow users to connect more securely to their various personal accounts. Today, PayPal has announced that it will allow Apple customers to use these Passkeys to log into their PayPal account and authenticate transactions.
FACTS
-
Access keys are intended to replace passwords and allow users to log in on all types of devices and platforms.
-
They are currently only available on iPhone, iPad and iMac on Paypal.com for US customers. The launch in other countries is planned for early 2023. Google is also working on issuing Passkeys for Android devices.
-
As soon as PayPal customers log in with their login or with biometric authentication (Apple Face ID or Touch ID) to enter the PayPal application, two cyptographic access keys are automatically generated; one is made accessible to the site and the other is stored on the user's personal device. It is the on-the-fly comparison of these two keys that enables authentication. Once these keys are created, customers will no longer need to use or manage a password to log in to PayPal.
-
If users do not have compatible devices, they can log into their PayPal space and scan a QR code to generate their access keys.
CHALLENGES
-
To be at the forefront of secure transactions by adopting the new FIDO Alliance standard: Passkeys are the result of a new industry standard created by FIDO and the World Wide Web Consortium, designed to replace passwords, which are considered far too vulnerable. Passkeys are replaced by cryptographic key pairs. This initiative is the result of joint work by Apple, Microsoft and Google with the FIDO alliance.
-
Strengthen the security of customer payment information in a tense environment: in 2017, approximately 2.6 billion pieces of data were hacked according to the 2018 Verizon Data Breach Investigation Report; 81% of these hacks were due to password theft. In addition, many consumers reuse the same passwords for different online services, giving hackers access to more information and making password use even more dangerous.
-
Increase conversion rates for e-retailers: According to a 2020 study commissioned by iProov, 44% of American consumers have abandoned an online purchase because they forgot their password. In this context, Passkeys appear to be a solution for securing transactions while not burdening the authentication process for the end customer.
MARKET PERSPECTIVE
-
The payment industry has a key role to play in creating a frictionless shopping experience. The payment experience can be an incentive to increase sales in the e-commerce sector. Several initiatives have been launched to speed up the payment process, including the creation of Amazon Pay, Paypal Checkout Express and, more recently, Revolut Pay.
-
As a reminder, PayPal also recently announced that it would integrate the Honey Rewards programme into Paypal Rewards.