Visa Security Best Practices for Mobile Payment Acceptance Solutions, Version 2.0 has been released.
The previous version of the best practices was intended for two distinct audiences: vendors that develop Mobile Payment Acceptance Solutions and merchants that use these solutions. For purposes of this document, a vendor is any entity that develops Mobile Payment Acceptance Solutions, either in-house or on behalf of another organization. In this newer version, there is a third audience: Acquirers and Payment Service Providers (PSP).
Here’s a quick summary of best practices in the new section:
- Uniquely ID merchant transactions
- Restrict manual Key Entered transactions
- Carefully on-board and monitor merchants
- Use online processing
- Monitor for mobile payment acceptance fraud