The PCI Security Standards Council (PCI SSC) released a fact sheet this week outlining how merchants can securely accept payments using mobile devices such as smartphones or tablets.
At a Glance: Mobile Payment Acceptance Security provides merchants with recommendations on partnering with a point-to-point encryption (P2PE) provider to securely accept payments and meet their PCI Data Security Standards (DSS) compliance obligations.
The fact sheet “talks about secure card readers or approved PED devices that can be connected to a smartphone or tablet that will encrypt a payment card as it is being swiped and then use either the phone or the tablet as a transport device to send it to the processor encrypted, so it can be processed, approved, and sent back to the phone in a point-to-point encrypted manner”, Bob Russo, general manager of PCI SSC, told Infosecurity.
Using smartphones and tablets as point-of-sale terminals to accept payments in place of traditional hardware terminals offers merchants flexibility. As mobile technology continues to change, the council said it will continue to work with the industry to ensure data security remains at the forefront of mobile evolution.