mCommerce payments platform provider paythru has achieved Level 1 PCI DSS (Payment Card Industry Data Security Standards) 2.0 compliance, the payment card industry standards for secure payments.
PCI DSS 2.0 provides requirements and guidelines on how to store, process or transmit card data electronically.
A key criteria of PCI DSS 2.0 is the use of tokenisation whereby Primary Account Numbers (PANs), are completely removed from the transaction process. Tokenisation adds an extra layer of security to the transaction process and it reduces the scope of the PCI DSS assessment.
paythru enable its merchants and customers to complete transactions in a single text message or email through a tokenised password authentication system.
paythru Innovation & Development director Russell Sheffield said despite the potential of mCommerce, where any mobile phone can be used to conduct a huge variety of transactions, the risk of fraud increases if mobile payment systems are not implemented securely.
"Tokenisation has always been a central part of our security, which is why we have now achieved Level 1 PCI DSS 2.0. In fact, we have taken tokenisation one step further with technology that also verifies whether the person making the payment is the genuine cardholder," said Sheffield.
