Information Security Leader, Author, Instructor and Speaker

Understanding PCI mobile application development guidelines

Posted on April 27, 2013 in Articles

The Payment Card Industry Security Standards Council (PCI SSC) recently released the long-awaited PCI mobile payment acceptance security guidelines. These guidelines, created by a task force of industry professionals, offer best practices for mobile software developers building mobile payment applications. Whether you are involved in the creation of mobile payment applications or use them as a merchant, you should read these guidelines and understand the impact they may have on your business.

What is a mobile payment application?

First, it’s important to have a solid understanding of what is covered by the guidelines: any payment application that is designed to run on multipurpose mobile hardware.  Translated, this means software that a merchant might use to accept credit card transactions on a consumer-grade mobile device, such as a smartphone, tablet or similar device.  Any software designed to run on these devices should be developed in accordance with the Payment Application Data Security Standard (PA DSS) and the mobile payment acceptance security guidelines.

Originally published on, April 2013


Mike Chapple, CISSP, Ph.D.

Mike is an IT leader, information security professional, author, speaker and trainer with over fifteen years of experience in the field.
