Visa Europe in cooperation with Visa Inc. has issued a set of mobile acceptance security best practices for software and hardware providers, retailers and their acquirers.
These best practices form part of Visa Europe’s ongoing strategy to advance security measures to help protect cardholder and account data when using consumer mobile devices such as smart phones to facilitate the acceptance of card payments.
The best practices build upon Visa Europe’s leadership in the areas of encryption and tokenisation technologies which can be used to both simplify and reduce the costs of implementing and maintaining a secure acceptance solution. Encryption and tokenisation technologies are designed to work hand-in-hand with EMV chip acceptance and have already proven to be suitable to different retail and payment processing environments.
Mobile technology is enabling a growing number of small and medium-sized retailers to accept payments using mobile devices. As retailers harness the power of mobile technology to accept payments and grow their businesses, the industry must also build in adequate controls and security measures to maintain stakeholder trust in electronic payments.
As mobile devices and acceptance attachments are not designed to the same security requirements as traditional payment terminals, and retailers do not currently control the security of the network environments to which their acceptance devices connect wirelessly, there are important security considerations above and beyond those for traditional payment acceptance solutions. These best practices are intended for two distinct audiences – mobile payment acceptance application and software/hardware solution providers as well as acquirers and retailers who use these solutions.
‘By engaging with industry in issuance of these best practices, and leveraging existing Visa guidance, we can ensure that any mobile acceptance solution deployed is both secure and suitable from the outset,’ explains Stanley Skoglund, head of payment systems and enterprise risk, Visa Europe.
‘EMV chip, widely adopted across Europe, has proven itself as a powerful technology that underpins Visa Europe’s vision for securing all face-to-face transactions, and has directly contributed to our success in tackling fraud.
‘Visa Europe will continue to deliver value to its more than 4,000 European member banks by moving to practical and cost-effective solutions that offer maximum protection both to retailers and cardholders.’
To promote the security and integrity of the payment system, Visa is committed to helping mobile payment acceptance providers, vendors, retailers and acquirers better understand their responsibility to keep account data secure when using mobile payment acceptance solutions with consumer devices such as smart phones.
A complete version of Visa’s Best Practices for Mobile Payment Acceptance Practices may be found online at www.visaeurope.com/ais.