The PCI Security Standards Council has released an official statement on mobile payment applications — look for something from them next year. Nothing will be approved before then, but on the other hand they did not say mobile payment applications are prohibited.
The PCI SSC is committed to an ongoing evaluation of emerging payment technologies. The impact of mobile payment technology on the security of cardholder data will be a key focus for the Council in 2011.
Until such time that it has completed a comprehensive examination of the mobile communications device and mobile payment application landscape, the Council will not approve or list mobile payment applications used by merchants to accept and process payment for goods and services as validated PADSS applications unless all requirements can be satisfied as stated.
The payment cards themselves are running pilot programs with mobile payments, as I’ve mentioned before, so expect more updates in the near future.