One-click payments by 2030 in Europe with tokenization

CRedit cards came on the scene in the late 1950s and 1960s, but it would take decades for processing technology to catch up.

In the beginning, clerks checked card numbers in a book with incorrect numbers or called the issuing bank to obtain authorization. So-called zip-zap machines, which printed card numbers on tracing paper packets (and removed a layer of leather if the clerk wasn’t careful), reigned supreme at checkouts in the 1970s and 1980s until magnetic and electronic strips payment terminals began to be used last, followed by chip cards.

Today, when shopping in person, you can tap your card or mobile device against the reader and in a split second your credentials will be authenticated and the transaction authorized. It should be as easy, safe and convenient online as it is in store.

That’s why we’re working with banks, fintechs, merchants and other partners to phase out manual card entry in e-commerce in Europe by 2030 in favor of a one-click button that works on any online platform. Europe has long been a leader in payments innovation and we expect other markets to follow suit.

Most of us have been entering our card details when shopping online since the 1990s. We eventually started storing our credentials with multiple merchants, which made it easier to pay but widened the battlefield for hackers to target merchant sites to steal consumer card information. Last year’s study estimated that merchant losses from online payment fraud will exceed $91 billion in 2028.

That’s why ten years ago we created a new way to protect your data: tokenization, which replaces the 16-19 digit card number with a randomly generated number. The actual information about your card is never transferred during a transaction, and if hackers steal your token in a data breach, it will be essentially worthless.

In 2013, Mastercard developed a tokenization standard that was later adopted as an industry standard by EMVCo, a consortium that manages payment standards around the world. The following year, Mastercard introduced a tokenization service, Mastercard Digital Enablement Service, as part of the launch of Apple Pay.

Today, around a quarter of Mastercard transactions globally are tokenized, a phenomenon that is accelerating by 50% year-on-year as it has proven effective in reducing e-commerce fraud while improving acceptance rates. It reduces the security burden on merchants, payment service providers and banks and increases everyone’s confidence in the digital economy.

Tokenization is enabled by the issuing bank and requires no effort on the part of the consumer or the need to re-issue existing cards. In fact, tokenization makes automatic payments even more seamless. Let’s say the card you use to pay for your Netflix subscription expires. Your token doesn’t do this, so you don’t need to visit your Netflix account to update your card details.

Tokenization itself will not change the way online transactions are carried out. This is the first step. We also make it easier to embed Click to Pay, our online checkout solution, on merchant sites and enable our banking partners to set Click to Pay as the default card feature through automatic cardholder registration.

Finally, we introduce payment keys to online transactions using biometric authentication on the device most people already use to log in to their phone and other accounts, eliminating the need to remember passwords or check texts or emails for one-time codes access . We rely on industry standards to enable cardholders to easily create Mastercard keys during checkout or in their issuer’s banking app.

We can bring the same security, simplicity and speed of online transactions that contactless solutions have created in today’s physical world. By taking issuing and acquiring banks with us on this journey, we can make this happen sooner than you think.