EMVCo, FIDO Alliance and W3C Collaborate on Educational Resource for More Secure and Convenient Web Payments

November 5, 2020

First work product from Web Payment Security Interest Group outlines the roles of complementary technologies that can enhance the security and convenience of web payments for merchants and their e-commerce customers.

EMVCo, the FIDO Alliance and the World Wide Web Consortium (W3C) have published a document explaining the roles of their related technology specifications, that together can support merchants in delivering a more secure and convenient payment experience for the benefit of their e-commerce customers.

The ‘How EMVCo, FIDO, and W3C Technologies Relate’ document is the first output of the Web Payment Security Interest Group, a collaborative industry-led initiative focused on enhancing the interoperability of web payments. Key to this ongoing effort is identifying gaps between relevant specifications to increase compatibility among different technologies.

This new educational resource informs payments industry stakeholders on the roles of EMV® Secure Remote Commerce (SRC), EMV 3-D Secure (3DS), EMV Payment Tokenisation, FIDO Alliance’s FIDO2 specifications, and W3C’s Web Authentication and Payment Request APIs, which may be used together to enable more secure and convenient card-based payment during an e-commerce guest checkout on the Web.

The document also addresses how these technical specifications can support merchant efforts to fight fraud, protect user privacy and meet regulatory requirements, while helping to reduce cost and streamline the online payment process.

Following the document’s publication, the Web Payment Security Interest Group is actively seeking feedback from interested organizations to improve and enhance the document. For more information and details on how to submit feedback, please visit: https://www.w3.org/securepay/.

At the Authenticate 2020 Conference on 18 November, representatives from EMVCo, the FIDO Alliance and W3C will participate in a virtual panel session to discuss the document and seek input on it from payments industry stakeholders. The conference is open and free for anyone to attend.

“As more merchants move online, especially since the start of the COVID-19 pandemic, and fraud attempts increase, EMVCo sees this collaboration with the FIDO Alliance and W3C as a major contribution to advancing secure web-based payments, while also simplifying the online payment process for merchants and helping to reduce friction for their e-commerce customers,” said Bastien Latge, Director of Technology for EMVCo.

“FIDO Authentication can complement EMVCo and W3C technologies by securely and conveniently authenticating users and transactions in a variety of scenarios,” said Christina Hulka, executive director and chief operating officer of the FIDO Alliance.  “The Web Payments SIG and this first resource are intended to educate and answer questions so ultimately these technologies can be implemented for stronger and simpler web payments. We look forward to industry feedback to help us to frame future educational outputs.”

“W3C, EMVCo, and FIDO have been working together for a number of years, and now is the time for the industry to start to reap the benefits,” said Ian Jacobs, W3C’s payments lead. “We published ‘How EMVCo, FIDO, and W3C Technologies Relate’ to usefully answer real-world industry questions. Through it, the three organizations have also advanced their understanding of each other’s activities. This now allows us to accelerate our joint efforts, and in collaboration with industry, to develop the next generation of secure and user-friendly technologies to streamline e-commerce.”

Categorised in: