Joom!Fish config error: Default language is inactive!
 
Please check configuration, try to use first active language

PCI SSC Mobile Payment Acceptance Solutions | PCI SSC Mobile Payment Acceptance Products | PCI SSC Mobile Payment Acceptance Compliance
PCI Mobile Payment Print

Overview

Mobile payment acceptance is a transformative development technology that allows retailers to take card payments both inside and outside the traditional retail environment. As a new acceptance channel that promise faster check-outs new threats are to be considered, and security is an essential requirement prior to use from the initial phase of development and deployment of any mobile application in order to deter any fraudster’s ability to steal mobile payment solutions.

The PCI Security Guidelines for Mobile Payment Acceptance Solutions are designed to promote the security and integrity of the payment system, by providing guidance to vendors that develop mobile payment acceptance solutions and merchants that use these solutions.

The PCI Security Guidelines for Mobile Payment Acceptance Solutions for vendors are designed to achieve the following security goals:

  • Prevent account data from being intercepted when entered into a mobile device
  • Prevent account data from compromise while processed or stored within the mobile device
  • Prevent account data from interception upon transmission out of the mobile device

PCI Mobile Payment Compliance Program

The PCI Mobile Payment Compliance Program is designed to answer questions raised by vendors and merchants that stores, processes or transmits cardholder data while evaluating and selecting products, supporting the PCI Security Guidelines for Mobile Payment Acceptance Solutions and the PCI DSS requirements. This Compliance Program provides validated evidence about a product’s features and capabilities to support the PCI Security Guidelines.

The PCI Mobile Payment Compliance Testing and analysis cover several aspects of the product including:

  • Compliance Effectiveness
  • Product Capabilities Support
  • Scope Impact Analysis and Coverage
  • Management and Usability
  • Suitable for Use in and Recommended Configuration
  • Product Roadmap

PCI Mobile Payment Compliance Testing criteria

PCI Mobile Payment Compliance Testing is conducted by trained analysts against the PCI Mobile Payment Compliance Program criteria, as well as Compliance Labs functional and quality assurance requirements. The PCI Mobile Payment Compliance Program criteria rely on the PCI Mobile Payment Acceptance Security Guidelines intent from auditors’ and QSA’s perspective, companies’ needs, and queries from numerous specialists, including affected products vendors, developers, users and industry groups. The compliance analyst will report the results of each phase of testing in the Compliance Report, and will also document the product components submitted by the vendor and the configuration of the product evaluated.

Continuous Evaluation Process

Compliance Labs has developed the compliance evaluation process as a fundamental aspect of the Compliance Labs PCI Mobile Payment Compliance Program. The continuous evaluation process will monitor new compliance requirements and best practices and update testing criteria to drive product compliance effectiveness and quality over the long term.

Learn more about PCI Mobile Payment requirements