m-payments platform provider paythru has
achieved Level 1 PCI DSS 2.0, a required and necessary industry
standard for payments security.

Paythru’s co-founder Russel Sheffield, told
Cards International that “m-payments are already secure”, but that
Paythru can now claim that its m-payment application is as secure
as a banking payments.

“Tokenisation” is the magic word, according to
Sheffield, who added:

“It adds and extra layer of security as it
uses random numbers and letters instead of storing Primary Account
Numbers. Customers can pay using a text message or email through a
tokenised password authentication system.”

Tokenisation removes key data, such as credit
card details (known as Primary Account Numbers, or PANs), from the
transaction process. The PCI DSS 2.0 standard gives guidelines on
how to store, process or transmit card payment data.

These requirements make it necessary for
merchants to asses risk vulnerability. In addition, card readers,
online shopping baskets and other payment applications have to
undergo an extensive code review to assess potential risks.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

According to Sheffield, tokenisation reduces
the extend of the PCI DSS assessment, minimising risk and PCI audit
costs.

Sheffield said at the official announcement of
paythru’s achievement of Level 1 PCI DSS 2.0:

“Despite the huge potential of m-commerce,
where effectively any mobile phone can be used to conduct a huge
variety of transactions, the risk of fraud increases if mobile
payment systems are not implemented securely.

“We understood this challenge very early on
and were one of the first in our industry to achieve Level 1 PCI
DSS, so that our clients could reduce the risk of mobile payment
fraud. Tokenisation has always been a central part of our security,
which is why we have now achieved Level 1 PCI DSS 2.0. In fact, we
have taken tokenisation one step further with technology that also
verifies whether the person making the payment is the genuine
cardholder.”

Sheffield also told Cards International that
tokens are stored on one only external server rather than being
spread along the payment chain.

That means that for future transactions, this
technology “verifies if the person making the payment is the
genuine cardholder”, he explained.

Now, Paythru has serious plans to expand
across South Africa and Eastern Europe.