The guidance includes a statement from the Council on PA-DSS and mobile payment acceptance applications that provides information on the types of m-payment acceptance apps that can meet PA-DSS requirements and those that require additional examination from the Council.
The statement is a result of the first phase of the Council’s evaluation of the mobile communications device and payment application landscape, focused on identifying and clarifying the risks associated with validating mobile payment acceptance applications to the PA-DSS 2.0 standard.
As a result, the Council has classified mobile payment acceptance applications into three separate categories based on the type of platform and its ability to support PCI DSS compliance, and identified which can now be considered for review and listing as PA-DSS validated applications.
The Council plans to release additional guidance around mobile payments by the end of 2011.
The PCI SSC is a global, open industry standards body providing management of the Payment Card Industry Data Security Standard (PCI DSS), PIN Transaction Security (PTS) requirements and the PA-DSS.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now