New developments in mobile payments highlight the importance of the PCI DSS

Leading office supplier Staples has struck a partnership deal with payleven, a provider of mobile card payments, to distribute a mobile cashless payment solution that enables merchants to accept card payments via smartphones and tablets.

payleven’s mobile Chip & PIN card reader is now available to purchase in all Staples stores in the Netherlands, Germany and the UK. With mobile payment devices now freely available on high streets in Europe for smaller merchants to purchase, some critics are arguing that this exposes small and medium enterprises (SMEs) to a greater risk of cyber crime and data breaches.

Although such devices are lightweight, portable and convenient, and can process transactions faster than standard terminals, it is extremely important for merchants – whether small or large – to be aware that they are legally obliged to comply with the Payment Card Industry Data Security Standard (PCI DSS).

Whether you’re a carpenter, beautician or shopkeeper, if you use a terminal to accept credit/debit card payments, then the PCI DSS applies to you. Even if you have subcontracted all PCI DSS activities to a third party, you are responsible for ensuring that all contracted parties are compliant with the Standard’s requirements, which include:

  • Building and maintaining a secure IT network
  • Protecting cardholder data
  • Maintaining a vulnerability management program
  • Implementing strong access control measures
  • Regularly monitoring and testing networks
  • Maintaining an information security policy.
