EMVCo has released a draft framework that could pave the way for a universal standard for verifiable digital credentials in card‑based payments, a move that could make online checkout both more secure and less cumbersome.
As verifiable digital credentials continue to gain traction for secure digital transactions, EMVCo is working to ensure that its data structures remain consistent, regardless of the wallet or payment network used.
If adopted, the framework would allow merchants to implement a single standard for digital credential authentication across payment ecosystems instead of managing multiple wallet-specific integrations.
Balancing Security with Friction
Verifiable digital credentials are digital, wallet-based versions of everyday documents, such as ID cards and driver’s licenses, that allow users to prove their identity or other attributes online.
Their widespread adoption could represent a big step forward for merchants, many of whom currently rely on a patchwork of solutions to verify customer identities in e-commerce and other card-not-present payment environments. Not only are those methods cumbersome, but real reductions in fraud and risk have also proved elusive.
One process that has proven effective is 3D Secure, in which consumers are presented with a prompt from their card issuer to enter a code sent by email or text message. The process is effective enough that, when successfully presented from the merchant and completed by the consumer, fraud liability shifts from the merchant to the card issuer. Yet many merchants choose not to use it because of the friction it adds to the checkout process.
“This digital authentication process proposed by EMVCo has the potential to be equally effective in reducing fraud, but without the added checkout friction of 3DS,” said Don Apgar, Director of Merchant Payments at Javelin Strategy & Research. “However, the only way to advance it to the point of a liability shift in favor of merchants under card brand rules is by implementing it under verifiable standards like those proposed by EMVCo.”
The Standard Makers
EMVCo is seeking industry feedback on its proposed framework until July 23. In addition to standardizing how digital payment credentials are structured, the organization is also exploring how the same framework could eventually support payment initiation.
As a global technical body, EMVCo develops and maintains the standards for chip cards and the terminals that accept them. The organization is collectively owned by American Express, Discover, JCB, Mastercard, UnionPay, and Visa, with strategic partners including the FIDO Alliance, OpenID Foundation, and the W3C.
