PCI Council Releases Mobile Card Acceptance Fact Sheet for Merchants
June 4, 2012
Recently, the Massachusetts-based Payment Card Industry Security Standards Council (PCI SSC) published a fact sheet for merchants that want to accept payments on mobile devices while remaining compliant with the group’s PCI DSS standards. In At a Glance: Mobile Payment Acceptance Security , the Council encourages merchants to seek out a Point-to-Point Encryption system that has been validated by the standards-setting body for the payment card industry.
“Validated solution providers will have a list of approved card readers (also called Point of Interaction or POI) that have been tested to work securely with their solution,” the fact sheet says. “The solution provider is responsible for ensuring that any POI used with their solution has been validated as compliant with the appropriate PCI SSC security requirements, including the Secure Reading and Exchange of Data (SRED).”
The publication also has advice for merchants that want to build their own mobile acceptance solution and basic information on encryption and why securing mobile payments is important.