Mastercard using HYPR to reimagine consumer authentication

Overview

Mastercard engaged HYPR on its ambitious project to reimagine consumer authentication with security and usability at the forefront. The global payment giant is leading the way in mobile payment innovation, with an aggressive push for moving beyond the constraints of a plastic credit card. The mobile world presents vast opportunities but also creates new avenues for fraud. As such, the company’s product leadership was focused on achieving best-in-class security and fraud protection that would satisfy the needs of their mobile users and massive ecosystem of banking partners. 

Mastercard

Challenge

The company’s project came with a mandate for enabling hardware-backed security for high-risk mobile transactions. The requirements stated that payment credentials such as biometrics and PINs be stored at the edge rather than in a centralized repository. In order to securely decentralize, isolate, and encrypt credentials on personal devices, Mastercard wanted to leverage standards-based authentication (FIDO). Mastercard wanted to achieve maximum levels of interoperability. A key consideration was providing a solution that would not only be deployed across Mastercard products but would be easily consumed by banking partners and their applications. The solution would need to be robust enough to support both B2C and B2B2C use cases. Finally, it was imperative that customer experience remain flawless, even with the additional security measures. The company’s global footprint came with a very fragmented and diverse device ecosystem. Achieving consistent user experience and device coverage required HYPR and Mastercard to work closely together on a solution that operates independent of device constraints. 

Solution

As part of the Mastercard deployment, HYPR provided Android and iOS SDKs that were integrated into customer applications. The HYPR Decentralized Authentication Suite enabled a FIDO-Certified architecture and HYPR’s fully customizable user interface provided the flexibility necessary for customization. Mastercard’s internal product teams and external banking partners could customize the look and feel of their authentication experience while maintaining best-in-class security. HYPR provided Mastercard Advanced Device Protection (ADP) to enable hardware backed security on the device’s Trusted Execution Environment (TEE). HYPR’s ADP component enables a secure decentralized credential store on all mobile devices and undergoes continuous testing to ensure maximum device coverage. To achieve robust device coverage, security and interoperability HYPR worked closely with TEE industry leaders including Trustonic, ARM and Samsung.

“HYPR’s technology is a smart

way to keep critical data where it

belongs – close to the consumer.”

Bob Reany, EVP Global Products and Services

for Identity Solutions at Mastercard.

The Impact

HYPR’s Mastercard deployment ensures that all user credentials, biometric information and cryptographic keys are protected by hardware-backed security and always remain safe on mobile devices. This approach renders credential reuse infeasible and dramatically reduces the risk of mobile payment fraud. Mobile users enjoy a fast payment experience while Mastercard and its partner ecosystem benefit from a much more difficult fraud landscape. The HYPR <> Mastercard integration enables frictionless mobile payments and transaction speeds never before possible with such high security. Deployed together, this solution presented the most advanced mobile payment security innovation since Apple Pay was unveiled.

Would You Like To See How Your Organisation Can Benfit From HYPR?

We will be more than happy to answer your questions and schedule a demonstration at your convenience.

Contact Us

Manage cookie settings
This website uses cookies to make our services work, and that’s why some cookies are necessary and can’t be declined. We use cookies to give you the best user experience possible. You can manage your cookies in the next session.
Cookie settings
Cookie settings
Necessary Cookies
These Cookies are necessary for our website to work and can’t be turned off. The Cookies are usually only activated when you, for example, fill out a form or create or log in to your account. They don’t track any personal information.
Performance Cookies
These Cookies help us to track the number of visitors on our webpage. They also track where our visitors came from and how they found our website. We use this information to analyze how to make our website more user-friendly for our visitors and which landing pages are most relevant for our customers. The information that we store is, for example, what pages you visit when using our website.
Marketing Cookies
We use these Cookies to analyze how we can make our advertising better. The information helps us to learn more about our visitors and makes it possible to personalize ads based on your previous use of our services.