Visa has launched Visa Payment Passkey in India, introducing biometric authentication for online card payments and reducing reliance on SMS-based one-time passwords. The service has gone live with IDFC FIRST Bank and will allow Visa cardholders to approve online transactions using the same device-based methods they use to unlock their phones, including fingerprint, facial recognition, PIN, password or pattern.
Biometric Authentication for Card Payments
The solution is initially available for select users shopping on platforms including Myntra, Paytm, MakeMyTrip, Tata Starbucks, Reliance Digital and EatSure. Fintech partners such as Juspay, Razorpay, PayU, Pine Labs, BillDesk, Wibmo, M2P Fintech and Paytm Payment Services will help expand adoption across merchants.
Registration Begins for FutureCrime Summit 2026, India’s Largest Cybercrime Conference
Built on global FIDO authentication standards, the launch follows the Reserve Bank of India’s September 2025 framework that permits alternative authentication mechanisms for digital payment transactions beyond SMS-based OTPs.
Visa expects the move to reduce checkout friction, improve payment success rates and help counter phishing-led fraud. Nearly two-thirds of transactions on Visa’s India network now originate from e-commerce, where authentication failures, phishing attacks and payment drop-offs remain major concerns.
Fighting OTP-Based Fraud
Ramakrishnan Gopalan, Head of Products for India and South Asia at Visa, said OTPs had worked for many years but fraud and social engineering had evolved around them. He said Visa wanted to offer consumers an alternative that is intuitive, contextual and more secure.
Unlike passwords and OTPs, passkeys are cryptographic credentials stored securely on a user’s device. Visa says this makes them resistant to phishing because they cannot be copied, intercepted or shared.
The company believes India could become one of the most advanced markets for passkey-enabled payments because e-commerce card transactions are already protected through tokenisation. Gopalan said India is fully tokenised for e-commerce card transactions and that adding passkeys on top of tokenisation could help the market move ahead of several developed economies.
Expansion Across Payment Ecosystem
Suresh Sethi, Group Country Manager for India and South Asia at Visa, said the launch represents the next stage in India’s digital payments journey. He said Visa Payment Passkey adds another layer of protection, reduces friction and strengthens trust at checkout.
Visa plans to make the service available across banks, payment gateways, payment aggregators and merchants, rather than restricting it to select institutions. Consumers will need to register once and can then use the same authentication experience across participating merchants and platforms.
The launch also reflects a wider shift in how payment companies are responding to digital fraud. Visa says moving authentication to users’ devices can reduce risks linked to phishing, fake customer-care calls and attempts to trick users into revealing OTPs. The company also sees passkeys as a foundation for agentic commerce, where trusted credentials and strong authentication may allow AI assistants to act safely on behalf of consumers.
About the author — Suvedita Nath is a science student with a growing interest in cybercrime and digital safety. She writes on online activity, cyber threats, and technology-driven risks. Her work focuses on clarity, accuracy, and public awareness.
