PCI Council Launches Flexible Mobile Payments Standard - Infosecurity Magazine

The PCI Security Standards Council (PCI SSC) has published a caller modular designed to amended the information of mobile-based payments and easiness compliance efforts.

The council, a cross-industry outgo paper radical liable for the ubiquitous PCI DSS standard, said the motorboat recognizes the antithetic information requirements for regular versus mobile payments.   

Its new standard, Mobile Payments connected COTS (MPoC), builds connected existing standards that screen solutions enabling merchants to judge cardholder PINs oregon contactless payments utilizing a smartphone oregon different commercialized off-the-shelf (COTS) mobile device. These standards are known arsenic PCI Software-based PIN Entry connected COTS (SPoC) and PCI Contactless Payments connected COTS (CPoC).

MPoC combines the 2 by including PIN and contactless introduction connected the aforesaid COTS device.  It’s designed to beryllium a much flexible, modular modular supporting antithetic types of outgo acceptance channels and user verification methods connected COTS devices.

“As the outgo acceptance scenery continues to grow, merchants, vendors, and solution providers are seeking caller ways to judge and process payments,” said Emma Sutcliffe, SVP standards serviceman astatine the PCI SSC.

“The PCI MPoC Standard recognizes that determination are antithetic ways successful which a card-based outgo whitethorn beryllium accepted successful face-to-face environments done the usage of COTS products, specified arsenic mobile phones and tablets.”

Compliance with the modular should beryllium comparatively straightforward to those acquainted with PCI SPoC and PCI CPoC, arsenic galore of the requirements are the same, the PCI SSC said.

MPoC has besides been designed to abstracted the ‘technical’ oregon ‘development’ elements from the ‘operational,’ enabling the modular to germinate to code marketplace needs much seamlessly, it added.

This is often a disapproval of standards successful the exertion and information abstraction – that they neglect to support gait with the velocity of innovation successful the market.

The announcement volition beryllium of involvement to some vendors of paper contiguous outgo acceptance technologies and the acquirers and merchants which bargain and deploy the solutions.

“It’s hard to accidental what the aboriginal of payments volition be, but we cognize that payments can’t beryllium a one-size-fits-all,” said Andrew Jamieson, VP of solutions astatine the PCI SSC.

“At the council, we privation to let for innovation, flexibility, and agility successful however our standards code these caller outgo acceptance methods. At the aforesaid time, this innovation needs to enactment a capable level of information that allows for the assurance successful these solutions that is required for their wide adoption.”

Led by Google Pay and Apple Pay, usage of mobile wallets surged during the pandemic, according to the US National Retail Federation (NRF).