Earlier this month, September 13, 2012, the PCI Security Standards Council released new standards for developers creating mobile payments applications. While the advice is geared towards developers, merchants are advised to review so that they have adequate information to ask questions about potential mobile apps they are considering. Here are three key objectives:
Objective 1: Prevent account data from being intercepted when entered into a mobile device.
Objective 2: Prevent account data from compromise while processed or stored within the mobile device
Objective 3: Prevent account data from interception upon transmission out of the mobile device.