The online checkout page is a flashpoint for merchants. It’s a critical moment for finalizing purchases, fostering loyalty and possibly for making additional sales—but it’s also where customers can drop off. The payment process itself can be a major push factor. Lengthy forms asking for comprehensive card details and addresses; customers having to switch to a separate app to approve the transaction. “Every extra field, every password prompt, every moment of hesitation costs conversions,” says Sandra Mianda, CEO of payment consultancy Paypr.work. It’s estimated that around 25 percent of abandoned baskets are due to the checkout process taking too long.
These lost sales hurt merchants. They not only represent missed revenue, but can dent satisfaction and make it less likely a customer will return. Fraud adds further complexity. Online payments are about eight times more likely to be fraudulent than payments made in-store. For merchants, this can lead to chargebacks: money a business thought it had taken may end up getting reclaimed by a cardholder’s bank.
But things are changing. A wave of innovation is reimagining the digital checkout to make it faster, safer, and more seamless—closer to tapping a contactless card or mobile wallet in a physical shop. Here are three innovations to watch…
.jpg)
A big shift is underway in European payments. Click to Pay is a checkout solution built on a set of industry standards that simplifies the online checkout process to make it consistent, convenient, and secure.
Here’s how it works. First, consumers register through their banking app, or online when they check out as guests. Then, whenever they’re shopping online, consumers look for the “Click to Pay” icon during checkout. This does what it says on the tin—all the shopper has to do is prove their identity either via a one-time code or their device’s biometric features, and the payment is initiated. No card details required.
Mastercard was instrumental in developing Click to Pay and sees it becoming the norm in online payments. The card network has a vision to eliminate manual card entry completely by 2030. “What we’re trying to do is make payments as seamless and as good as in the physical world, so that friction disappears,” says Brice van de Walle, Executive Vice President, Core Payments for Mastercard Europe.
Under the hood, Click to Pay is powered by tokenization—a security process for protecting personal card data. A token is a random string of numbers and letters that functions as a ‘stand in’ for a 16-digit card number throughout the various stages of the payment process. Only the payment system facilitating the whole transaction behind the scenes can map this back to the original card information. This reduces fraud since it means that the shopper’s card details are not sent over the web or stored by a seller, so by definition they can’t be stolen. “If the merchant is hacked, the fraudster only captures the token, which is completely useless outside of that context,” says van de Walle.
Mastercard says tokenized payments made through Click to Pay enjoy approval rates between three and six percent points higher than traditional card number-based transactions. It eliminates factors such as miskeyed card details, plus it substantially reduces the risk that a transaction might be fraudulent. The corresponding drop in chargebacks saves time and costs related to disputes, and increases certainty over revenue.
Momentum around Click to Pay is building, with early traction in sectors like ticketing and groceries—areas where people often prefer not to create an account but check out as a guest. As more merchants enable it, and as more consumers come to expect one-click payments, the vision of a web without manual card entry is beginning to look real. There may come a point when consumers actively switch to merchants who offer this facility.
.jpg)
Merchants want to offer secure payments, but every extra step at the checkout page risks losing sales. If a merchant holds a customer’s card details on their site, for example, a customer might be prompted to enter a password before paying with them. While this protects the shopper, it can also frustrate them—leading to an abandoned basket.
There was a time when that problem seemed intractable. But a recent idea in cybersecurity aims to replace passwords with a more convenient alternative: passkeys.
“Passkeys are basically Face ID for websites,” says Vincent Delitz of Corbado, a company specializing in large-scale deployments of the technology standard. At least, that’s how it feels to the user. On a technical level, passkeys replace passwords with cryptographic keys stored securely on the user’s physical device. Each passkey is paired with another cryptographic key stored by the merchant, a bit like two jigsaw puzzle pieces that fit only with each other. All the user has to do is prove their identity—usually with a biometric like a face scan—and the ‘puzzle pieces’ connect in the background to authenticate them.
Passkeys can be used to secure any account that traditionally would require a password, such as your email, your social media, or your account with a retailer. They can also be used to authenticate payments, an option that Mastercard now supports, both for guest checkout transactions and those when the customer card is stored on file. This is a natural bedfellow for Click to Pay, too, as it can remove the only remaining moment of friction from the user experience: completing the checkout process can be as simple as looking at your phone’s camera.
Passkeys are built on standards set by the FIDO Alliance, a global industry group made up of big tech companies, banks, and payment networks. The technology is not only more convenient than passwords, as you don’t have to remember them, they are faster too. Passkeys authenticate four to six times more rapidly than passwords, according to Corbado’s data. They are also, crucially, more secure. “By definition, passkeys are phishing resistant,” says Delitz. “Even if the user wants to use a passkey on a fake or fraudulent website, they just cannot do it.”
The journey to adoption is underway; over 94 percent of devices are now passkey-ready. “But passkeys are still quite new,” says Delitz, so consumers need to learn to trust them. They also aren’t completely hassle-free: if you lose or switch devices, you need to set up new passkeys. Yet Corbado’s data suggests that once a business rolls them out, 50 to 80 percent of users switch to passkeys as the default option within months.
.jpg)
Beyond passkeys and tokenization, a more radical change is potentially on the horizon: AI that handles checkout on behalf of shoppers.
AI agents, software capable of taking actions to complete tasks on behalf of humans, are widely expected to become instrumental in the research, comparison, and perhaps even purchase of products. Instead of filling online baskets, customers could delegate routine shopping to an AI personal assistant. “Agentic AI is the equivalent of a personal shopper,” says futurist Matthew Griffin, who has a specialism in fintech. “You would say, ‘I’m looking for a men’s shirt for a conference.’ And it would say: ‘I think this is the one for you.’ You click the ‘yes’ button, and the payment just completes from within the chat window. There’s no traditional checkout page.”
For consumers, that means extra convenience and new forms of shopping experiences. Imagine, for instance, having an agent that monitors prices around the clock and will buy a given item, such as a concert ticket, if it becomes available on trusted marketplaces at that price.
For merchants, the picture would be more complex. Although they would be trading off the upsell and re-engagement opportunities that come with having a customer buy through their own website, selling through AI agents promises higher conversion rates. It should be particularly advantageous to businesses who don’t show up on the front page of search engines and therefore struggle to compete with big players.
AI agents could help businesses themselves shop, too. Procurement agents, for example, could potentially scan vast product ranges, negotiate deals and complete purchases in minutes. “These transactions might take weeks for dedicated procurement teams run by humans,” says Griffin, "but could soon be instantaneous and be done at almost no cost."
To capture those benefits, merchants will need to integrate with agent-friendly APIs and payment systems, ensuring their products are visible to—and purchasable within—these new channels.
Mastercard is preparing for this future with Agent Pay, a set of APIs designed to let AI assistants initiate tokenized payments safely. “Our role is to ensure that AI agents pay only for consumer-authorized and requested transactions—and nothing else,” says van de Walle. Essentially this means capturing explicit customer intent before payments are made. As the company puts it: “We’re creating a future where user intent isn’t assumed—it’s verified, consented, and central to every transaction.”
Taken together, these innovations don’t just smooth the edges of the checkout. They signal a structural shift, with tokens securing payment credentials, passkeys transforming identity verification, and agents potentially reimagining the purchasing journey entirely. For merchants, that means competing not just on products and prices but also on compatibility with the new, rapidly evolving paytech landscape. And as those technologies continue to evolve, businesses that stay ahead of the curve stand to turn payments themselves into a competitive advantage. “Track developments through the lens of cost, conversion, compliance, and customer experience—not just technology for its own sake,” says Mianda. “The best approach is to stay engaged in forums, networks, and conversations that link innovation back to practical impact.”
