Tag Archives: FIDO

DPCs Great Idea with a Long Way To Go

Posted on by
4

© Starpoint LLP, 2026. No part of this site, blog.starpointllp.com, may be reproduced or retransmitted, in whole or in part, in any manner without the permission of the copyright owner. Also, see our Legal/Disclaimer (this is a highly opinionated and partially informed blog). Enterprise readers, please consider an Enterprise Subscription (not required for Starpoint Clients). 

Executive Summary

I’m fortunate to chat with a diversity of large payment network stakeholders. As most of you know, I view the challenge in payments more from a political/incentive viewpoint than a technical one. The alphabet soup of new standards is hard to keep up with, but be assured that each one has a proponent (who benefits) and a group of resistors. Innovation in a network is hard, as existing stakeholders have built assets and competitive positions based upon how things work today. Today’s blog covers DPCs. DPCs may not be the biggest threat, but they are the newest. I’m not going to attempt a deep tech dive into DPCs; my effort is focused more on the challenges faced by any new payment innovation to gain traction and scale. Network effects are hard to beat!

Why read this blog? My readers know I view identity and authentication as part of the core “bundle” of payments, and Visa/MA are the de facto identity infrastructure of the internet because they unlock the power of banks (ie KYC) within a commercial framework with active governance. Today we are breaking down the latest “threat”: Digital Payment Credentials (DPCs) within Agentic(ie Gemini, GPay). The quick summary is that DPCs are an amazing technical innovation without a commercial framework or active governance, and thus will be challenged to operate separately from established networks (just like Stablecoins). This 23 page monster blog is a breakdown of the politics and the tech.

You need to be logged in to view the rest of the content. Please . Not a Member? Join Us

AP2 Donation to FIDO 

Posted on by
Reply

Yesterday Google donated AP2 to the FIDO Alliance , let me share my thoughts on what this means.  

  1. Effort to drive cross-industry standardization and extend Google’s established success within the FIDO ecosystem (log in with Google) while addressing the structural limitations of FIDO.

  2. A “tipping point” transition from “Identity as a Service” to “Identity as an Infrastructure,” where the mobile handset functions as the primary root of trust for autonomous commerce. Google is telling FIDO that they must incorporate elements of W3C VCs to have a future.

  3. Google’s first big public move toward device bound credentials (Titan M2, Anroid Credential Manager, Android Ready Alliance, …etc).

You need to be logged in to view the rest of the content. Please . Not a Member? Join Us

Machine to Machine Transactions: How to Resolve Trust and Governance Gaps. 

Posted on by
Reply

FIDO, VC, AP2, Tokenization, Credential Issuance, Biometrics, …etc

Executive Summary

The transition to agentic, machine-to-machine (M2M) commerce creates a profound governance gap that existing technology-first standards cannot fill. Today, human-in-the-loop (HIL) transactions, whether at a point-of-sale or in eCommerce, are secured not by technology alone, but by the robust, contract-based governance and risk-allocation models of networks like Visa and Mastercard. As stated previously, V/MA are the identity infrastructure for the internet and identity is the core “shaping force” for all new payment schemes.

Continue reading

2025 Tech Tsunami will Expand Network Role (and VAS)

Posted on by
Reply

A snarky blog. My views on why the role of card networks will grow in the midst of this change (along with Network VAS).

Buckle up buttercups, because the commerce, banking, and payments world is getting a facelift so extreme, it’ll make a Kardashian look like a Luddite. If you thought Web 3.0 and its decentralized pipe dreams were the next big thing, bless your heart. AI and Agentic Commerce are the actual party, and they’re about to flip the table.

Continue reading

Big News – Google I/O 2025 – Payments View

Posted on by
Reply

Google I/O is going on today and tomorrow and they just announced a vast array of new products and services (Google CEO’s blog). Today’s blog is a quick drill down on payments and specifically what “Buy for me with GPay” means for the payment ecosystem (and agentic commerce).

As discussed in Commercial Models for AI Agents, the network and economics surrounding agentic commerce is far from settled. The lack of a clear commercial model and a robust trust framework has impeded Agentic’s growth as commerce is a multi-sided network. Google’s strategy appears to directly address these deficiencies by deeply integrating GPay as a core component of its agentic offerings. This integration aims to provide the necessary layers of trust, security, and transactional capability that have been missing. It also may provide an additional pricing mechanism for agentic transactions.

As outlined in today’s Stratechery the “lack of payments” were part of the original sin of the internet. A “sin” that Google is fixing in Agentic by creating a complex network that unites search, ML, agent-based action, payments, advertising network, billions of devices, consumer-controlled data for personalization, which will redefine eCommerce (and recapture product search). The price of entry? Merchants need to add the GPay button.

To be clear, merchants will still endeavor to use AI in order to create a better customer experience for those customers that enter their domain. But for consumers, the Google offering will be hard to beat as Google leverages their data and preferences across every device to enable customer interaction through purchase.  While Amazon will likely maintain a solid position, most consumers will not start search within a merchant domain. Agentic originated transactions present a new type of demand, fully qualified consumers with a valid payment instrument and transaction request. A transaction type that should operate in a 100% conversion model (ie no abandonment). With GPay, Google provides the consumer authentication and risk data for merchants to decision the transaction.

Continue reading

eCommerce Acquiring – Beyond Tokens – The Next Big Wave of Improvement

Posted on by
2

Short Blog

© Starpoint LLP, 2025. No part of this site, blog.starpointllp.com, may be reproduced or retransmitted in whole or in part in any manner without the permission of the copyright owner.

Adyen was the largest network “tokenizer” and realized the benefits through enhanced authorization rates and reduced fraud. As I explained in Tokens and Binding 101, this history of tokens in payments is long, with each stakeholder maintaining an ability to tokenize. While all token strategies protect data, network tokens differ in RULES, binding (to a customer and device) and acceptance. For example, Visa’s Cloud Token Framework (CTF) and Mastercard’s Digital Enablement Services (MDES) address 6 key areas:

You need to be logged in to view the rest of the content. Please . Not a Member? Join Us

eCom 2025 

Posted on by
Reply

18 months of Revolutionary Change in How we Buy Online

Short Blog

Follow up to my June 2024 blogs – eCom Politics and Scenarios and Fastlane + FIDO Enabled Checkout. Today, we focus on the changes, what merchants are asking for, and what consumers will adopt (and when). 

You need to be logged in to view the rest of the content. Please . Not a Member? Join Us

Google Secure Payment Authentication (SPA)

Posted on by
Reply

Read First – Blog on SPA from Checkout.com

Background Reading – June blog eCom politics and Scenarios, and Identity, Authentication and Risk

What’s the big news here? SPA allows Google to stand at par with ApplePay in providing the best-authenticated checkout experience. Google looks to have taken TWO MASSIVE pieces out of the authentication process: 1) 3DS handshake (putitting in Cryptogram and 2) A step up from the Issuer (possibly – a significant portion of this blog). This is a generational improvement and massive simplificaiton of the current 3DS flow.

The mobile platform is key to authentication and Google is the preferred partner of every bank, merchant and network. Their challenge in SPA? Doesn’t seem Checkout.com coordinated with the networks on SPA (ie liability shift OR step up). I think it will get worked out as the quality of this innovation is just fantastic.

As I wrote in June, ApplePay 2.0 plans to cross the chasm from mobile only to desktop (as announced at WWDC). Google is proving that they have the same capability, as Chrome makes up about 10-12% of eCom and over 30% of guest checkout at most retailers; they are positioned well (particularly in Android markets).

You need to be logged in to view the rest of the content. Please . Not a Member? Join Us