SPA Enters Third Decade – Biometrics – Instant Payments – 2025 Market Trends And Workstreams - SPA Newsletter - February 2025
Dear Colleagues,
As SPA enters its third decade, there is little doubt that 2025 promises to be another exciting year for the payments industry, with new technologies and capabilities set to reshape how consumers and merchants transact.
In this first newsletter of 2025, we briefly reflect on last year’s work, provide an update on our new biometric card initiative, and review the latest developments on instant payments. We also explore the top payments trends for the coming year.
Celebrating 20 years - and more - in 2024
Last year saw SPA commemorate a landmark 20-year anniversary. As the trade body representing the secure payment technology industry, the SPA and its members have played a significant role in driving payment innovation forward and shaping the European and global payments landscape.
To celebrate these achievements, in December SPA hosted a 20th Anniversary event in Brussels, welcoming Eric Ducoulombier – Head of Unit, Retail Financial Services at DG FISMA, European Commission – as the keynote speaker.
The evening provided an opportunity to reflect on just how far our industry has progressed. Back in 2004 when SPA was first founded, 300 million payment smart cards were shipped globally by its members. Today this figure has increased 10-fold to over 3 billion and counting – highlighting the enduring relevance of smart card technology in today’s digital era.
From contact to contactless cards utilizing NFC technologies, through to new digital form factors supporting tokenization and Secure Elements based mobile payment applications, SPA has been at the forefront of the innovations that have helped redefine the payments landscape.
Biometric cards
Biometric authentication on the payment smart card represents a major transformative development for our sector. In our last newsletter we announced the creation of a new Biometric Payment Card Working Group, whose first task was to address the standardization and interoperability of the biometric card enrolment step.
Creating the specifications for this interoperability layer represents a crucial first step towards enabling the widespread adoption and usage of biometric payment cards by issuers and users in a streamlined, standardized, and systematic way.
SPA can now announce that the Biometric Payment Card Working Group is close to finalizing the initial interoperability specifications that will underpin on-card biometric enrolment solutions. A first draft of these specifications will be made available through our Standardization Working Group in early March.
SPA members and ‘Standardization’ Advisory Council members will be able to review these specifications and contribute to this ongoing program of work and SPA welcomes interest from non-SPA members that would like to participate and review the specification to join this workstream.
The SPA offers three types of membership levels (Executive, Full and Associate) and several Advisory Councils linked to a specific workgroup opened to non-members, with a variety of benefits, privileges, and annual dues designed to match each organization’s interests and market requirements.
Instant payments
Momentum across the payments ecosystem continues to gather pace around instant payments at the Point of Sale (PoS). A growing number of QR code providers are now embracing NFC technology and form factors that support initiating instant payments at the till. Significantly, Apple’s recent move to open up access to its NFC technology and allow developers to embed NFC contactless functionality for apps on the iPhone represents a major step forward.
These positive developments illustrate how this long-anticipated industry shift is gaining traction. For the past five years, SPA has helped drive this initiative forward and we continue to work with the European Payment Stakeholder Group (EPSG) and EU’s Payment Systems Market Expert Group (PSMEG) to make secure instant payments at the PoS a reality and extend payment choice for consumers.
SPA is also currently working with the EPSG to ensure delivery of a security model for instant payments that features a common contactless interface for both cards and instant payments.
Market trends for 2025
Looking ahead at the key focus areas and top trends set to dominate our work in 2025, we take a quick look at what’s on the horizon.
eIDAS wallet
SPA has been appointed by the EPSG to represent the industry in two large scale pilot projects designed to test-drive the specifications of the eIDAS wallet across a wide range of use cases, including the authorization of payments. During 2025, SPA as co-chair of the EPSG Innovation Expert Team will be representing the EPSG on the two major pilot projects currently being conducted by the NOBID consortium and the European Wallet Consortium (EWC).
The EU’s Digital Operational Act (DORA) and the Cyber Resilience Act (CRA)
The EU’s Digital Operational Act (DORA) came into force on 17 January 2025 and SPA ensured members were ready to assist banks and financial institutions with their compliance activities. To further assist financial entities, SPA has also published a position paper that sets out why physical payment card personalization does not fall under the remit of DORA.
The Cyber Resilience Act (CRA) marks a pivotal step towards strengthening cybersecurity across the EU .However, SPA has long advocated that smart payment cards already meet vigorous security standards and our recently published position paper sets out how the existing security practices and regulatory compliance mechanisms, utilized by the payments industry, are fully aligned with CRA requirements. SPA will advocate to ensure that these existing practices and mechanisms are recognized under CRA.
Corporate Social Responsibility (CSR)
This year will see SPA further extend its work on eco-friendly payment cards and sustainability. Building on our earlier education and research programs, we are now poised to launch a number of new workstreams. Stay tuned for announcements on a range of initiatives relating to sustainable and inclusive design, a standardized methodology for lifecycle CO2 impact analysis, and more.
Securing card payments in a post-quantum world
SPA has consistently highlighted the risks that quantum computers pose to encryption algorithms and the need to prepare for a post-quantum world. In Europe, national security agencies and regulators are beginning to address this issue and set migration timelines for adopting post-quantum cryptography.
With the race now underway, the industry must closely monitor this rapidly evolving field. SPA will actively participate in discussions with various consortia, national security agencies, and regulators to raise awareness and enhance understanding of the challenges ahead.
Final thoughts
Committed to supporting today’s fast evolving payment ecosystem and providing leadership and expert guidance to its members, as well as regulators and standardization bodies, 2025 will see the SPA continue critical efforts to improve the interoperability, security and issuance of new payment instruments.
For now, I’d like to wish you all a happy, successful, and productive year ahead.
Best regards
Jacques Doucerain
President of the SPA