wi-fi, by poloballs

Big news Friday as the PCI Security Standards Council released several documents reversing their temporary ban on SOME mobile payment applications for the PA-DSS list. Essentially, purpose built devices are allowed, others are not.

Remember, as long as the device complies with PCI DSS in production, you do not necessarily need a PA-DSS certification to deploy it. It certainly helps the discussions with your QSA or Acquirer, but it is not a requirement. In fact, not all devices CAN comply with PCI DSS, so that should be your first step. Go back to my guide on how to make a mobile device comply with PCI DSS for more information on key areas you need to investigate. If you can install Angry Birds on the device, it might be a bit more challenging than if you cannot.

This post originally appeared on BrandenWilliams.com.