Blog post

Will the PCI Standard lose relevance in the Mobile World?

By Avivah Litan | February 13, 2012 | 0 Comments

Did I miss something? The PCI Council was supposed to finish guidelines for mobile payment card acceptance in 2011, but I can’t find any update on their website. Having just returned from “The Valley” where most security professionals are headed soon for the RSA Security Conference, I can reaffirm (as if anyone needs reminding) that mobile devices are the new desktops . Accordingly, there are lots of innovative developments around mobile payments – both on the payer and the payee side, even when it comes to credit and debit card payments.

So where is the PCI Security Council? And why aren’t they getting ahead of the rush to mobile payments and mobile payment acceptance?

I know where at least one of their founders, Visa is. Investing and backing Square, one of the more innovative payment card acceptor applications out there that is allegedly growing by leaps and bounds, even in the absence of a PCI standard for mobile payment acceptance.

Walk into any Apple store around the world and you will see the sales people there also ‘ignoring’ PCI standards by accepting payments on non-PCI certified mobile payment devices.

I realize it’s tough to develop standards for the non-standard mobile environment, but no one said the PCI Council should have it all easy. It just makes me wonder what the purpose of the council and the PCI standard itself is from the viewpoint of the card companies. If anyone has any ideas, please let me know.

Comments are closed