New PCI Standard for Mobile Payment-Acceptance Solutions
The Payment Card Industry issued requirements to provide reasonable assurances that a mobile payment-acceptance solution adequately protects cardholder data, PINs and other assets from unauthorized disclosure, modification or misuse. The purpose is to provide a set of principles, requirements and an evaluation methodology for a mobile payment-acceptance solution where the PIN Cardholder Verification Method (CVM) entry is performed on a commercial off-the-shelf (COTS) device (e.g., smartphone, tablet) in a merchant attended environment. The standard applies to organizations developing, managing and deploying mobile payment-acceptance solutions.
Recent Posts