News

PCI contactless payments on COTS standard is published

Thursday 5 December 2019 11:06 CET | News

The PCI Security Standards Council (PCI SSC) has published a new data security standard for solutions that enable merchants to accept contactless payments using a commercial off-the-shelf (COTS) mobile device (e.g., smartphone or tablet) with near-field communication (NFC).

Using the PCI Contactless Payments on COTS (CPoC) Standard and supporting validation program, vendors can provide merchants with contactless acceptance solutions that have been developed and lab-tested to protect payment data.

The primary elements of a CPoC Solution include: a COTS device with an embedded NFC interface to read the payment card or payment device; a validated payment acceptance software application that runs on the merchant COTS device initiating a contactless transaction; and back-end systems that are independent from the COTS device and support monitoring, integrity checks and payment processing. Software-based PIN entry is not permitted in a CPoC Solution.

Through a combination of the security controls built into the merchant application and ongoing monitoring and integrity checks performed by the back-end systems, merchants and consumers can have confidence in the security of the CPoC Solution and the contactless transaction, according to PCI SSC press release.

Validated CPoC Solutions are listed on the PCI SSC website as a resource for merchants and acquirers. Program details are outlined in the CPoC Program Guide, which is available now on the PCI SSC website. 


More: Link


Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: PCI Security Standards Council, PCI SSC, Data Security Standard, merchants, contactless payments, NFC, fraud prevention
Categories: Fraud & Financial Crime
Companies:
Countries: United States
This article is part of category

Fraud & Financial Crime