What do the new PCI/SSC guidelines mean for tablet kiosks?

March 14, 2013 by Brad Hintze — CMO/VP Marketing, Moki Mobility

The PCI Security Standards Council (SSC) just released new guidelines for developers, merchants and payment solutions providers using consumer mobile technologies for payment acceptance. These new guidelines represent the most comprehensive list of security considerations from a payment perspective we have yet seen.

But what do these new guidelines mean for iPad and Android kiosks? I spoke with one of the authors of the new guidelines this week and he said the goal for the new guidelines was to get those building these solutions to think beyond just the app and consider the whole environment where the app is running. Even if the app is fully secured and handling data correctly, environmental factors can still make a kiosk or mPOS solution insecure.

The new guidelines surface the security state of the environment inside the app with item 5.4 of the merchant guidelines and 4.15 in the developer guidelines. Basically, the app must show users that the device is in a secure state. From an end-user experience perspective, that is really simple: show a green checkmark or a thumbs-up sign during the payment process to indicate that everything is secure. But when you pull back the curtains and look at what it takes to deliver this little indicator, you see that it is actually quite involved.

There are many factors that go into the determination of the secure state:

  • Has the device been jailbroken?
  • Have peripherals changed?
  • Where is the device physically located?
  • Is the device connected to the network? Which network?
  • Is this the right version of the app?
  • Has the app configuration changed?

When you deploy a kiosk or mPOS solution out into the wild, it is easy to say on day one that the device is secure, but as it gets used, everything changes. To meet these guidelines, the payment solution needs to continually monitor for changes and take action when something looks suspicious. Kiosks can no longer worry only about staying up and running; they must also continually monitor their state from a security perspective.
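
To make the list above concrete, here is a sketch of a secure-state check that compares a day-one baseline with a later device reading and returns the reasons the indicator should not be green. It is an added example, not code from the PCI SSC guidelines or from Moki Mobility. The `DeviceState` fields, the 100 m geofence, treating an offline device as a finding, and the sample values are all assumptions.

```python
import dataclasses, hashlib, json, math
from typing import Optional

@dataclasses.dataclass(frozen=True)
class DeviceState:               # hypothetical snapshot reported by a kiosk agent
    jailbroken: bool
    peripherals: frozenset       # identifiers of attached peripherals
    lat: float
    lon: float
    network: Optional[str]       # network name, or None when offline
    app_version: str
    app_config: dict

def config_digest(cfg: dict) -> str:
    # Canonical JSON, so key order alone never changes the digest.
    return hashlib.sha256(json.dumps(cfg, sort_keys=True).encode()).hexdigest()

def distance_m(lat1, lon1, lat2, lon2) -> float:
    # Haversine great-circle distance in metres.
    p1, p2 = math.radians(lat1), math.radians(lat2)
    a = (math.sin((p2 - p1) / 2) ** 2
         + math.cos(p1) * math.cos(p2) * math.sin(math.radians(lon2 - lon1) / 2) ** 2)
    return 2 * 6371000 * math.asin(math.sqrt(a))

def evaluate(baseline, now, allowed_networks, approved_version, max_drift_m=100.0):
    """Return a list of findings; an empty list means the device is in a secure state."""
    findings = []
    if now.jailbroken:
        findings.append("jailbroken")
    changed = now.peripherals ^ baseline.peripherals  # attached or removed since baseline
    if changed:
        findings.append(f"peripherals changed: {sorted(changed)}")
    if distance_m(baseline.lat, baseline.lon, now.lat, now.lon) > max_drift_m:
        findings.append("moved outside geofence")
    if now.network is None:
        findings.append("offline")  # assumption: an unreachable kiosk is not verifiably secure
    elif now.network not in allowed_networks:
        findings.append(f"unexpected network: {now.network}")
    if now.app_version != approved_version:
        findings.append(f"app version {now.app_version} is not {approved_version}")
    if config_digest(now.app_config) != config_digest(baseline.app_config):
        findings.append("app configuration changed")
    return findings

# Constructed sample data: a day-one baseline and a later reading of the same kiosk.
BASELINE = DeviceState(False, frozenset({"card-reader-01"}), 40.2338, -111.6585,
                       "store-pos", "2.1.0", {"kiosk_mode": True})
LATER = dataclasses.replace(BASELINE, network="FreeWiFi", app_config={"kiosk_mode": False},
                            peripherals=frozenset({"card-reader-01", "usb-hid-77"}))
print(evaluate(BASELINE, LATER, {"store-pos"}, "2.1.0"))
```

Running `evaluate` on a schedule and on every payment attempt, and blocking card entry whenever the list is non-empty, is one way to back the green checkmark with an actual check.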

About Brad Hintze

Brad is VP of marketing at Moki Mobility, a platform for remotely managing and monitoring iPad and Android tablet kiosks.

©2025 Networld Media Group, LLC. All rights reserved.