18 December 2017
visit www.aciworldwide.com

Visa sets out mobile acceptance best practices

27 April 2011  |  5019 views  |  1 Source: Visa

Visa (NYSE: V) today released a set of mobile acceptance best practices for merchants, software developers and device manufacturers who are using consumer mobile devices, such as smartphones and tablet computing platforms to facilitate the acceptance of card payments.

Visa best practices call for important security considerations such as encryption and tokenization of cardholder data and are designed to foster a better understanding of the merchant and service provider responsibilities related to securing cardholder data when a mobile phone is used as an acceptance device instead of a traditional terminal.

Mobile technology is enabling a growing number of small and medium-sized merchants to accept payments using mobile devices. As retailers harness the power of mobile technology to accept payments and grow their businesses, the industry must also build in adequate controls and security measures to maintain stakeholder trust in electronic payments.

"Mobile devices that can facilitate acceptance of payments are an important advancement in payments that must balance the promise of an enhanced consumer and retailer shopping experience with enhanced security measures to protect sensitive cardholder information," said Eduardo Perez, head of global payment system risk, Visa Inc. "As a payment technology leader, Visa is well positioned to provide the industry security guidance for emerging acceptance solutions."

Because mobile devices and acceptance attachments today are not designed to the same security requirements as traditional payment terminals, and merchants do not control the security of the network environments to which their acceptance devices connect wirelessly, there are important security considerations above and beyond those for traditional acceptance solutions. These best practices are intended for two distinct audiences - mobile acceptance application and software solution providers as well as merchants who use these solutions. Among the best practices guidance:

  • Encrypt all account data including at the card-reader level and in transmission between the acceptance device and the processor - especially important given the use of wireless or public networks.
  • Enable truncation or tokenization of card numbers, allowing the merchant to identify the cardholder without storing the full account data.

"Building security into the DNA of mobile acceptance solutions is necessary to help grow the channel and encourage innovation," said Bill Gajda, head of global mobile product, Visa Inc. "Providing security guidance to retailers and the industry, as mobile phones used as card acceptance devices are still emerging, will help ensure acceptance solutions are secure, provide a strong foundation for future growth of this channel and foster consumer trust in mobile commerce."

For mobile payments to reach a critical mass, they must work everywhere, every time, with the same reliability of Visa payments today. For more than 50 years, Visa has set a high bar for robust security, privacy protections, and guaranteed payment to merchants and global acceptance ubiquity. Merchants, consumers and financial institutions should expect the same standards for mobile acceptance solutions.

Comments: (1)

Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune | 29 April, 2011, 13:11

One day, Visa issues best practice calling for encryption. The next day, it announces its investment in Square, a startup that is notorious for not encrypting card information as it travels from the merchant's Square-branded mobile phone card reader / software to the processor!

Hopefully, Square will use at least some of the investment from Visa to implement systems that achieve compliance with Visa's mobile acceptance best practices!

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Comment on this story (membership required)

Related company news

 

Related blogs

Create a blog about this story (membership required)
visit www.niceactimize.comvisit www.thomsonreuters.infovisit www.atos.net

Top topics

Most viewed Most shared
satelliteRipple completes XRP Lockup
11165 views comments | 3 tweets | 2 linkedin
Banks tap Ethereum smart contracts for MiFID II complianceBanks tap Ethereum smart contracts for MiF...
9852 views comments | 20 tweets | 21 linkedin
Banks and fintech startups join forces on blockchain-based supply chain pilotBanks and fintech startups join forces on...
7709 views comments | 19 tweets | 22 linkedin
Nordea takes Open APIs into live productionNordea takes Open APIs into live productio...
7316 views comments | 6 tweets | 26 linkedin
Digital banking startup Loot secures £2.2 million seed roundDigital banking startup Loot secures £...
7272 views comments | 5 tweets | 11 linkedin

Featured job

Competitive base, double ote, benefits
London, UK

Find your next job