The guidance educates merchants on the factors and risks that need to be addressed in order to protect card data when using mobile devices, such as smart phones and tablets, to accept payments. The PCI Mobile Payment Acceptance Security Guidelines for Merchants as End-Users leverages industry best practices to educate merchants on what is needed to isolate and prevent card data from exposure.
The guidance is organized around the following key areas and objectives: Objectives and Guidance for the Security of a Payment Transaction – addresses the main risks associated with mobile payment transactions including account data entering the device, account data residing in the device and account data leaving the device; Guidelines for Securing the Mobile Device – provides recommended measures for merchants regarding the physical and logical security of mobile devices used for payment acceptance; and Guidelines for Securing the Payment Acceptance Solution – provides guidance for the different components of the payment acceptance solution; including the hardware, software, the use of the payment acceptance solution, and the relationship with the customer.
The PCI SSC is a global, open industry standards body providing management of the Payment Card Industry Data Security Standard (PCI DSS), PIN Transaction Security (PTS) requirements and the PA-DSS.
In recent news, the PCI Security Standards Council has released the PCI DSS E-commerce Guidelines, a new document which aims to help e-commerce companies understand and conform to the requirements of the PCI Data Security Standard.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now