Visa Europe releases mobile security practices

16-05-2011 11:54:00

Visa Europe has lunched security guidelines to ensure trust in mobile acceptance solutions. Practices are issued for e-customers, e-commerce services management and software and hardware providers.


One of the main points lunched by organization is about encryption and tokens technologies use as on-line payments standards. It enabled a growing number of small and medium size companies to start on-line business. According to Visa this technologies have already proven to be suitable to different retail and payment processing environments.


Best practices for vendors and merchants by Visa Europe:


1. Implement secure mobile payment acceptance solutions:

- provide applications with a know chain of trust,

- develop applications based on secure coding guidelines,

- protect encryption keys and use it in accordance to standards.

2. Limit exposure of mobile payment:

- encrypt all public transmission of account data,

- protect account data and payment card by trusted applications,

- provide the ability to truncate Primary Account Number,

- protect stored data to authenticate.

3. Transfer data:

- only use solutions intended by known providers,

- install software only from trusted sources,

- protect customers from malware,

- immediately report the loss or theft device or accessory.


The practices are one of security channel intended by Visa. Before the customers adhere to the principles set forth in the Payment Card Industry Data Security Standard (PCI DSS) and Payment Application Data Security Standards (PA-DSS).


It all help retailers, consumers and financial institutions to expect the same standards for mobile acceptance solutions. Moreover it is a way to fast and easy recognize e-commerce service with trusted payment system.


See the original article here.

Mensajes recientes

Google AdWords requires an SSL certificate?
03-07-2017 11:56:53

If you run a online business, you are sure to use Google AdWords. Perhaps this is one of the main traffic sources on your site, so the last message you want to see is "Your account has been suspended ...". And yet, you can expect it if your site is not SSL-secured.

Google AdWords requires an SSL certificate?
Comodo and DomenySSL are deprecating SGC
06-07-2016 13:23:42

Starting 1st of August 2016, Comodo and DomenySSL will no longer offer SGC variants of certificates. As your account has a valid SGC certificate which will be up for renewal in the future, the company has prepared a list of recommended alternatives.

Comodo and DomenySSL are deprecating SGC
Thawte pampers clients
04-07-2016 12:22:58

Thawte is only one of the few vendors outside of the United States. As the main competitor of American vendors quickly gained a 40 % share of the market SSL certificates.

Thawte pampers clients
más artículos