Secure Shopping: Mastercard Eliminates Card Numbers for Safer Transactions

Mastercard continues to intensify its efforts to eliminate the use of credit card numbers in online purchases, aiming to reduce the incidence of internet fraud. The company has already successfully replaced card numbers with so-called tokens, which safeguard customer data.

According to Mastercard CEO Michael Miebach, the company now processes 1 billion tokenized transactions each week. By comparison, it took three years to reach the first billion of such transactions.

Now, Mastercard plans to introduce new technologies that will replace traditional security measures, such as passwords, with biometric data—fingerprints or facial scans. This is another step in combating the growing threats of online fraud, which analysts predict will surpass $91 billion by 2028.

The Mastercard CEO noted that data and transaction security were once universally reliant on passwords. However, over time, this method has become vulnerable, necessitating the search for new solutions.

The tokenization technology was first introduced by Mastercard and Visa about a decade ago, when fraudsters began stealing credit card information en masse from retailers like Target Corp. and Best Buy Co. Initially, the technology aimed to replace card numbers with tokens that could only be unlocked by payment networks, rendering them useless to hackers.

This system has proven highly effective in reducing fraud in brick-and-mortar stores, particularly with services like Apple Pay. However, criminals have now shifted their focus to online stores, where customers manually enter their card details.

Moreover, fraudsters are increasingly targeting websites that use one-time passwords for security. These passwords, which retailers and banks send to customers to verify their identity, are becoming increasingly vulnerable, as Michael Miebach pointed out.

Mastercard plans to closely collaborate with banks and payment services worldwide to replace one-time passwords with tokens based on users’ biometric information. In India, the company has already implemented this service by partnering with PayU and banks such as Axis Bank Ltd.

Miebach emphasized that the issue lies in the fact that when data is leaked, fraudsters can exploit it. Tokenization is designed to significantly mitigate the risks of data breaches and fraud in the digital economy. Mastercard plans to transition all online transactions in Europe to the tokenization system by the end of the decade.