Developers of mobile point of sale solutions now have a path to build secure applications to support PIN entry on tablets and smartphones, following the Payment Card Industry Security Standards Council’s latest update.
The move specifies the requirements for allowing PIN entry directly on the mobile screen, so merchants can accept payments with their mobile device with an inexpensive card reader using a secure PIN entry application, the PCI SSC said in a Wednesday press release.
“The new standard allows for an alternative approach to secure PIN entry by isolating the PIN from other data and using a new robust set of security controls that extend beyond the physical hardware device itself,” said Troy Leach, PCI SSC chief technology officer, in the release.
The standard—
The standard enables providers to design complete solutions that actively monitor the service to block potential threats to the phone or tablet and ensure the security and integrity of the software-based PIN entry on the device, the PCI SCC said in the release.
The move benefits a relatively
Square has advanced mobile PIN in markets including the U.K. and Australia, and Santa Clara, Calif.-based
“Recognizing that innovation continues to happen at a very rapid pace, particularly in the mobile digital arena, the new standard helps enable our vision of every device as a secure acceptance device,” said Bruce Rutherford, Mastercard’s senior vice president of security standards and solutions, in an interview.
