Cred enables Face ID, fingerprint authentication for UPI payments | Company News – Business Standard

https://www.business-standard.com/companies/news/cred-enables-biometrics-for-upi-payments-face-id-fingerprint-126032500766_1.html

Clipped from: https://www.business-standard.com/companies/news/cred-enables-biometrics-for-upi-payments-face-id-fingerprint-126032500766_1.html

Cred introduces biometric authentication for UPI payments, allowing users to use Face ID or fingerprints instead of PINs for added security and convenience

The focus on biometrics comes at a time when multiple market participants have rolled out alternative forms of payment authentication

Listen to This Article

Payments platform Cred on Wednesday said it has enabled biometric authentication such as Face ID or fingerprints for its users to authorise Unified Payments Interface (UPI) transactions.

This acts as an alternative to traditional PINs (personal identification number) for UPI payments.

The company said biometric authentication for UPI was available for transactions up to ₹5,000 for iOS and Android operating systems.

“This feature enables members to securely use the authentication method enabled on their own devices (iOS and Android), in line with regulatory guidelines. It adds a stronger layer of protection against fraud through PIN exposure and increases transaction reliability by preventing instances of incorrect or mistyped PIN,” the company said in a statement.

The focus on biometrics comes at a time when multiple market participants have rolled out alternative forms of payment authentication.

For instance, global card networks Mastercard and Visa are introducing passkeys that will allow users to authenticate card payments with face scans or fingerprints, eliminating the need for one-time passwords (OTPs).

Companies such as PhonePe and NPCI BHIM Services Limited’s (NBSL) Bharat Interface for Money (BHIM) app have also rolled out the biometric method of authentication for users.

Biometric authentication, as an alternative to PINs, is expected to enhance security, addressing issues such as forgotten PINs, repeated or weak patterns, and vulnerabilities to screen mirroring exposed through malware attacks.

The Reserve Bank of India (RBI) mandates that all digital payments should be authenticated by at least two distinct factors of authentication.

In the case of UPI, at least one of the factors of authentication is required to be dynamically created or proven, paving the way for biometric authentication rollout.

This implies that the proof of possession of the factor, being verified as part of the transaction, remains unique to that particular payment.