A security vendor recently had to issue a correction to its own sales pitch after it falsely insisted it was "certified" with a payments industry security standard, StorefrontBacktalk reported June 23.
The vendor, TF Payments, a unit of ThoughtFocus Technologies, was marketing its FocusPay product as compliant with the Payment Card Industry Data Security Standard for mobile payments, "when in fact no one can be," the article said.
"Vendors are feeling pressured to promise capability with non-existant standards — and hoping no one notices," the article continued. "This time, however, someone did."
The article said that although in some cases these false claims are outright lies, in other cases they stem from efforts by marketing people to build campaigns around PCI compliance "with no meaningful oversight from the technology people who know the areas better."
Daniel Stiel, the contractor who worked on the marketing campaign for FocusPay, said in the correction email that although the earlier email had a graphic that could be read as a logo indicating the mobile application was PCI-certified, "the reality is that there is no such thing as a 'PCI-certified' mobile payment app or an official mobile certification logo."