Archive for December 16th, 2010

16
Dec
10

PCI SSC Nixes PA-DSS Certification For Mobile Payments Applications – For Now

In a not so widely disseminated and tough to find statement, the PCI SSC has basically put the kibosh on the certification of any mobile payment applications for the time being.  The second paragraph of the statement says it all.

“Until such time that it has completed a comprehensive examination of the mobile communications device and mobile payment application landscape, the Council will not approve or list mobile payment applications used by merchants to accept and process payment for goods and services as validated PA-DSS applications unless all requirements can be satisfied as stated.”

The statement indicates that the Council will be taking up the topic of how to certify these applications and addressing any changes to the PA-DSS program that may be required.

As I stated in a previous post, mobile payment processing, no matter how you define it, is not the easiest environment to secure.  It is interesting that the Council has seen the light and is also taking a careful approach to this environment.

Hopefully, we shall see next year if the Council comes up with a workable solution.




Welcome to the PCI Guru blog. The PCI Guru reserves the right to censor comments as they see fit. Sales people beware! This is not a place to push your goods and services.

December 2010
M T W T F S S
 12345
6789101112
13141516171819
20212223242526
2728293031