Newly-appointed chairman of the PCI Security Standards Council, Michael Mitchell, recently reiterated the importance of data security for mobile payments technology and the Council’s priority in studying and advising the industry on such technology. Chairman Mitchell pointed out the sharp increase in mobile payments but also a lag in security technology protecting such payments. “The adoption of mobile is running rampant, and when it comes to using personal mobile devices, people have not thought about all of the security.”
In June 2011, the Council, through a Mobile Working Group, released guidance analyzing mobile payment applications and validating such applications within the Payment Application Data Security Standard (PA-DSS). The working group will next turn its attention to releasing best practice guidance for mobile payments. As we recently covered in a previous post, the FTC also recently announced it would host a workshop on April 26, 2012, to discuss mobile payments.