Mastercard will remove the 16-digit card number from credit and debit cards by 2030, replacing it with tokenisation and biometric authentication to improve payment security.
Tokenisation replaces a card number with a unique digital identifier stored on a user’s device, reducing the risk of sensitive data being exposed during transactions. Biometric authentication, such as fingerprint or facial recognition, will also be used to verify transactions.
Addressing Payment Fraud
The decision to eliminate card numbers follows rising fraud levels globally. Card-not-present fraud, where stolen card details are used for unauthorised online or phone transactions, accounts for a significant proportion of payment fraud. Cybercriminals frequently obtain card details through data breaches, phishing scams, and other illicit methods, leading to financial losses for businesses and consumers.
Recent high-profile data breaches have exposed millions of customers’ payment details, affecting businesses across multiple industries. By removing credit card numbers, Mastercard aims to reduce the risk of stolen details being used in fraudulent transactions.
Impact on Jewellers and Retailers
Jewellers may need to adapt to tokenisation and biometric payments in several ways:
- Reduced Fraud Risks – With fewer opportunities for card data theft, the risk of fraudulent online transactions could decrease, potentially reducing chargebacks and financial losses.
- Technology Upgrades – As biometric payments and mobile wallets become more common, jewellers may need to ensure their payment systems are compatible with evolving technologies.
- Customer Payment Preferences – While many customers may adopt biometric and tokenised payments, some may still prefer traditional payment methods. Retailers should ensure multiple payment options remain available.
Challenges and Considerations
While Mastercard’s transition is expected to enhance security, it raises some potential concerns:
- Access to Digital Banking – Tokenised payments require a smartphone or banking app, which could exclude customers who do not use digital banking services.
- Mobile Security Risks – With card details shifting to digital platforms, criminals may focus on hacking smartphones or telecom networks through scams such as SIM-swapping.
- Biometric Data Security – Unlike card numbers, which can be replaced, biometric data is permanent. If compromised, affected individuals could face long-term security risks. Previous breaches, such as the exposure of fingerprint and facial recognition data in the BioStar 2 security breach, highlight the potential risks.
The Future of Physical Cards
Removing card numbers aligns with a broader shift toward digital payments. Mobile wallet transactions continue to grow globally, with many consumers opting for smartphone-based payments instead of traditional cards. Some retailers are also adopting checkout-free shopping technologies that eliminate the need for card payments altogether.
Jewellers and other retailers will need to keep pace with evolving payment technologies while maintaining flexibility for customers who continue to use traditional payment methods.
