Multi-factor verification steps currently used for authenticating online purchases, e.g., one-time codes sent to a phone, can prove to be a hurdle for some customers. This disclosure describes a strong customer authentication technique, referred to as secure payment authentication (SPA), that enables users to authenticate online transactions using device-bound tokens. Authentication is driven by payment service providers, and a simple device unlock can confirm a transaction. Strong customer authentication is made possible with just a single (or even zero) click. Cross-device authentication can be enabled, such that a customer can authenticate themselves on a payment app on a mobile device while performing transactions on a second device such as a laptop, etc.

Creative Commons License

Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.