TORONTO—SecureKey is developing new payments technology that will allow consumers to use their mobile devices to enable fast authentication at the point of sale.

“All cardholder data is encrypted, and you can use any mobile wallet,” said David Mahdi, director of product marketing as SecureKey. “We add the device authentication.”

The new technology is still being built, and should be ready within the next year, Mahdi said. The new payments service will leverage SecureKey’s  “bring your own credential” technology, or a form of federated identity that leverages a user’s computing device and pre-existing account credentials as part of a dual authentication model.

When applied at the point of sale, consumers will be able to access multiple payment options but use a common authentication process, Mahdi said. To make a payment, consumers who have registered their mobile device with SecureKey use the device’s QR code reader and SecureKey’s authentication technology to choose an item they want to buy, confirm the purchase and secure the transaction.

“Electronic commerce has to be frictionless,” Mahdi said. “People will simply use another way to pay if the authentication is too hard.”

SecureKey’s product line includes briidge.net connect. Tablets, smartphones and other devices can use SecureKey’s device fingerprinting technology to read Visa, MasterCard, Discover, American Express and Interac cards, and deliver cryptographic card data to payment networks.

SecureKey also allows users to authenticate themselves to make payments in a variety of venues and e-commerce sites by using their primary banking credentials, or the “what you know” part of authentication. Since SecureKey acts as an ID broker that sits between the bank and the user, the bank does not know what sites the user is visiting, providing an extra layer of privacy.

Similar systems use social network credentials to authenticate users, but Mahdi says that method provides less privacy. “The [social network sites] want to know who you are visiting,” Mahdi said.

Toronto-based SecureKey has attracted investment from Intel Capital. Intel uses SecureKey’s software in its Ultrabook product line.  Other investors include Visa; MasterCard; Discover; Rogers Venture Partners, the funding source backed by Rogers Communications, and Telus.

SecureKey also recently won two major government contracts. The Canadian government hired SecureKey to launch a program called SecureKey Concierge, a credential broker service that allows Canadians to use their bank credentials to access online services from the Canadian government.

“You can use the service to pay taxes, for example, without having to use the old tax identification system, which most people don’t remember,” Mahdi said.

The United States Postal Service also hired SecureKey to provide authentication for the Federal Cloud Credential Exchange (FCCX). FCCX is designed to enable people to access online services such as health benefits, student loan information and retirement benefit information from multiple government agencies without requiring different passwords or identification for each service. 

Subscribe Now

Authoritative analysis and perspective for every segment of the payments industry

14-Day Free Trial

Authoritative analysis and perspective for every segment of the industry