If you're accepting card payments on mobile devices, here's how to protect your business:
Using only a smartphone or tablet to process payments leaves you vulnerable to data breaches, fraud liability, and compliance violations. This puts your business at serious financial and legal risk.
Essential steps to reduce your risk:
1 - Ensure your certified equipment is up to date.
- Only use a PCI-certified Point of Interaction (POI) device that connects to your mobile device
- If you don't have this, contact your payment processor today to request certified hardware
- Stop processing payments until you have proper equipment in place
2 - Verify your setup meets standards
- Ensure your device is PCI PTS certified (ask your processor for documentation)
- Confirm that card data is encrypted within the certified device, not your phone/tablet
- Never use apps that require typing card numbers directly into your mobile device
3 - Protect yourself from liability
- Using certified equipment helps shield you from fraud liability
- Non-certified processing can void your merchant agreement
- Document that you're using approved, certified devices
4 - Red flags that increase your risk
- Any solution that stores card data on your phone or tablet
- Uncertified card readers or phone attachments
- Apps claiming you can safely enter card details manually
The bottom line
Don't process another payment unless you have certified equipment. The cost of proper hardware is minimal compared to the potential losses from a data breach or compliance violation.
Contact your payment processor immediately - most provide certified devices at low or no cost to protect both you and your customers.