Entersekt and Netcetera implement FIDO authentication standard for PLUSCARD – A first in Europe

Share this post

Secure online credit card payments without a mobile device

Nowadays, the convenience of being able to shop online with a credit card, quickly and easily, is more important than ever. But how do we ensure online payments are protected from fraud? Various methods exist that can prove the identity of shoppers. However, most modern methods require a mobile device. For customers that do not have one or prefer to make payments via a laptop or computer, there are very few secure alternatives available. Until now: In a joint project, PLUSCARD, a full-service processor for numerous card-issuing institutions across Germany, Netcetera, a market leader for digital payment solutions, and Entersekt, a specialist in strong customer authentication, launched the first FIDO-certified alternative to app-based authentication in Europe in June 2021. The solution enables secure online credit card payments without the use of a mobile device.

Every online payment must be authenticated. This means that each transaction requires a verification of whether the account or card data were entered by the legitimate cardholder. This authentication procedure has become more complex in the EU due to the introduction of PSD2 and strong customer authentication (SCA). Under the regulation, processing via mobile devices guarantees compliance with the stricter requirements, while offering a better payment experience for consumers at the same time.

FIDO is an international authentication standard that offers an alternative for secure, easy and SCA-compliant payments without the use of a mobile device. PLUSCARD, Netcetera and Entersekt have implemented the FIDO standard in their joint solution. Entersekt has integrated the FIDO server into the solution, which is certified by the FIDO Alliance. Authentication is handled via a physical token. Customers receive this token from the bank for use on their computer. They simply register the token via a registration page. The token is then linked to the credit card and customers can easily authenticate their online transactions.

“Customers without a mobile device now have the option to approve their online payments conveniently and securely with the FIDO token” says Thomas Niederauer, Product Manager at PLUSCARD. “Together with Netcetera and Entersekt, we have implemented a future-proof solution with the FIDO standard. So far, this is a unique alternative to app-based authentication in the German market.”

Netcetera, an expert in digital payments, is a long-standing partner of PLUSCARD and has successfully implemented this secure and user-friendly authentication solution. Bernhard Binz, Project Manager at Netcetera comments, “A FIDO token is much more secure than a transaction number sent via SMS and therefore the better choice for end customers. This is the second successful solution we have developed for PLUSCARD. Together, we were the first in the payments industry to introduce app-based authentication 5 years ago and now we are again taking a leading role in the market with the first FIDO implementation.”

“With the certification of our FIDO server, we have significantly expanded our portfolio of state-of-the-art authentication solutions. The implementation of a FIDO2 USB Security Key at PLUSCARD is an important first step. Further applications such as authentication with FIDO authenticators in the form of notebooks and smartphones will follow. We are proud to open this new chapter of payment authentication together with PLUSCARD and Netcetera”, says Uwe Härtel, Country Manager Central Europe at Entersekt.

More To Explore


Are you a member of The Payments Association?

Member benefits include free tickets, discounts to more tickets, elevated brand visibility and more. Sign in to book tickets and find out more.


Log in to access complimentary passes or discounts and access exclusive content as part of your membership. An auto-login link will be sent directly to your email.

Having trouble signing?

We use an auto-login link to ensure optimum security for your members hub. Simply enter your professional work e-mail address into the input area and you’ll receive a link to directly access your account.

First things first

Have you set up your Member account yet? If not, click here to do so.

Still not receiving your auto-login link?

Instead of using passwords, we e-mail you a link to log in to the site. This allows us to automatically verify you and apply member benefits based on your e-mail domain name.

Please click the button below which relates to the issue you’re having.

I didn't receive an e-mail

Tip: Check your spam

Sometimes our e-mails end up in spam. Make sure to check your spam folder for e-mails from The Payments Association

Tip: Check “other” tabs

Most modern e-mail clients now separate e-mails into different tabs. For example, Outlook has an “Other” tab, and Gmail has tabs for different types of e-mails, such as promotional.

Tip: Click the link within 60 minutes

For security reasons the link will expire after 60 minutes. Try submitting the login form again and wait a few seconds for the e-mail to arrive.

Tip: Only click once

The link will only work one time – once it’s been clicked, the link won’t log you in again. Instead, you’ll need to go back to the login screen and generate a new link.

Tip: Delete old login e-mails

Make sure you’re clicking the link on the most recent e-mail that’s been sent to you. We recommend deleting the e-mail once you’ve clicked the link.

Tip: Check your security policies

Some security systems will automatically click on links in e-mails to check for phishing, malware, viruses and other malicious threats. If these have been clicked, it won’t work when you try to click on the link.

Need to change your e-mail address?

For security reasons, e-mail address changes can only be complete by your Member Engagement Manager. Please contact the team directly for further help.

Still got a question?