The Payment Card Industry (PCI) Security Standards Council, the governing body for credit and debit cards, just announced new security requirements for credit card payments on mobile devices – and it could be a real game-changer for the retail industry. The new standard will allow for PINs to be entered into smartphones and tablets in an effort to accommodate the increasing popularity of mobile point-of-sale systems. While this change may surprise some, it was a logical next step considering the dominant role mobile now plays in the consumers’ path to purchase.
A Closer Look
Given that this move allows for the most sensitive part of a payment transaction to happen on an arguably unstable device, the allowance comes with four key security principles to mitigate potential threats:
- Active monitoring of the service
- Isolation of the PIN from other account data
- Ensuring the software security and integrity of the mobile PIN entry application
- Protection of the PIN and account data using a PCI approved Secure Card Reader for PIN (SCRP)
Put simply, the new standard offers a means to not only isolate but also protect the PIN by using an encrypted PCI-approved device that attaches to the mobile device to receive data.
Why the Change?
The new implementation comes as a response to market need. Mobile point-of-sale is a growing rapidly, and it won’t be long before it becomes an expected practice among consumers. Until this point, smaller retailers in markets that require EMV chip and PIN acceptance have had a barrier to entry due to the high hardware price point. The PCI Council’s chief technology officer, Troy Leach, shared, "Many PIN standards today are more for the traditional POS terminals. This is the first time [that PCI has] promoted a secure software PIN entry."
What This Means For Retailers
The new standard will make it possible for retailers to participate in mobile point-of-sale solutions without investing in costly hardware. Retailers will be able to accept payments with just their mobile devices and a small, cost-efficient card reader. For smaller companies who don’t have the budget for such hardware, it alleviates a major pain point by providing a means to offer their customers a more flexible, efficient, and convenient shopping experience that will drive the growth of electronic transactions.
Do you have questions about POS solutions? We’re experts on the matter! Please contact us directly, and we’ll be happy to answer any questions you may have.