Global credit card and payments services provider Mastercard has outlined its vision to fundamentally transform the way Australians make online payments in a bid to tackle a near $900 million card per year fraud problem.

A principal objective of the five-year plan is to eliminate manual entry for card details and passwords. Instead, Mastercard will seek to employ “one-click” biometric verification for card payments, with consumers able to “securely access their available cards, directly from their financial institution, using just their e-mail address and a smile to verify their identity.”

“Manually entering card details, passwords, or one-time PINs (OTPs) will become a thing of the past, replaced by a highly secure email lookup, protected by biometrics,” Mastercard said.

Among the key initiatives of its five-year plan include one-click biometric checkouts, numberless cards (which in most cases do away with the use of 16-digit card numbers), and the ability to generate unique, one-time “stand-in” card numbers for specific transactions, including enhanced controls for location, budget, merchant, and spending categories.

Mastercard notes that it will move to secure 16-digit card numbers within banking apps “before the end of the decade”, with trusted banking apps to serve as the “control tower” for all consumer payments.

As well, Mastercard will enable a ‘one card, multiple payment options’ feature, enabling a single digital card to provide either debit, instalment, credit, or prepaid payments. Cardholders will be able to set their payments preference based, for instance, on the transaction amount or shopping location, with payments automatically routed through their chosen payment setting.

These new features will be backed by a newly introduced real-time payments processing capability on Mastercard’s Australian network. This accelerated settlements process will enable businesses to more quickly access funds, ultimately improving cash flow, while consumers gain greater transparency around their balances.

To enable its new biometic-backed security features, Mastercard notes that all newly issued cards in Australia will be automatically enrolled in Mastercard Payment Passkeys, which replaces OTPs with either facial or fingerprint recognition.

Additionally, Mastercard users will be added to Mastercard Click to Pay, an online checkout service enabling payment credentials to be directly added from the cardholder’s financial institution through an authenticated email address.

“Compared to current checkout experiences, Click to Pay requires only one point of data entry, and as few as four keystrokes to complete a transaction,” Mastercard wrote.

In tandem, the credit card giant, in an effort to prevent payment credential theft, said it will also move to prohibit local merchants from storing non-tokenised card numbers on file.

Mastercard division president for Australasia, Richard Wormald, said the five-year vision underscores its “commitment to collaborating with our partners to bring the very latest in simple, secure, and seamless payment innovations to Australians around the country”.

“By ensuring that our technology evolves to meet both current and emerging threats and cardholder needs, we are not only safeguarding those in the ecosystem but also solidifying Australia’s position as a global leader in the rollout and adoption of cutting-edge payment technology.”

AusPayNet figures show that Australian card users lost around $868 million to card-related fraud in FY2024, a fraud rate of 77.6c per $1,000 spent.