The PCI Mobile Payment Acceptance Security Guidelines offer software developers and mobile device manufacturers guidance on designing appropriate security controls to provide solutions for merchants to accept mobile payments securely.
The guidance supports the need for more secure development practices for mobile payment acceptance solutions. According to security experts Trustwave SpiderLabs, that specialize in data breach investigations and malware analysis, mobile computing, commerce, and malware are still in their infancy. Existing platforms limit users’ ability to ensure the security of transactions conducted on mobile technology.
The document organizes the mobile payment-acceptance security guidance into two categories: best practices to secure the payment transaction itself, which addresses cardholder data as it is entered, stored and processed using mobile devices; and guidelines for securing the supporting environment, which addresses security measures essential to the integrity of the broader mobile application platform environment.
Key recommendations include:
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.