Netcetera and Entersekt implement FIDO authentication standard for PLUSCARD – A first in Europe

Nowadays, it is convenient to make quick and easy online purchases with a credit card. But how do you protect online payments from fraud? There are various methods to prove the identity of buyers. However, most modern methods require a mobile device. For customers who do not have one or who prefer to make payments via computer, there have been few secure alternatives for payment approval. Until now: In a joint project, PLUSCARD, full-service processor for numerous card-issuing institutions across Germany, Netcetera, and Entersekt, specialist in strong customer authentication launched the first authentication alternative according to the FIDO standard in Europe in June 2021. This promises secure, unlimited credit card payments online without the use of a mobile device.

Every online payment must be authenticated. This means that for each transaction, it must be checked whether the account or card data were entered by the actual cardholder. This authentication procedure has become more complex in the EU due to the introduction of PSD2 and strong customer authentication (SCA). Here, processing via mobile devices guarantees compliance with the stricter requirements with a better payment experience for consumers at the same time.

FIDO is an international authentication standard that offers an alternative for secure, easy and SCA-compliant payments without the use of a mobile device. PLUSCARD, Netcetera and Entersekt have implemented the FIDO standard in their joint solution. Entersekt has integrated the FIDO server into the solution, which is certified by the FIDO Alliance. Authentication is handled via a physical token. Customers receive this token from the bank for use on the computer. The customers register the token via a registration page that has been set up. The token is then linked to the credit card and they can easily authenticate their online transactions.

“Customers without a mobile device now have the possibility to approve their online payments conveniently and securely with the FIDO token” says Thomas Niederauer, Product Manager at PLUSCARD. “Together with Netcetera and Entersekt, we have implemented a future-proof solution with the FIDO standard. So far, this is a unique alternative to app-based authentication on the German market.”

Netcetera, an expert in digital payment, is a long-standing partner of PLUSCARD and has successfully implemented this secure and user-friendly authentication solution. Bernhard Binz, Project Manager at Netcetera comments: “A FIDO token is much more secure than a transaction number sent via SMS and therefore the better choice for end customers. This is the second successful solution we have developed for PLUSCARD. Together, we were the first in the payments industry to introduce app-based authentication 5 years ago and now we are again taking a leading role in the market with the first FIDO implementation.”

“With the certification of our FIDO server, we have significantly expanded our portfolio of state-of-the-art authentication solutions. The implementation of a FIDO2 USB Security Key at PLUSCARD is an important first step. Further applications such as authentication with FIDO authenticators in the form of notebooks and smartphones will follow. We are proud to open this new chapter of payment authentication together with PLUSCARD and Netcetera”, says Uwe Härtel, Country Manager Central Europe at Entersekt.