Abstract
Disclosed are methods for securing a mobile application on a cardholder-owned device, including defining principles and minimum security requirements for mobile applications that are designed to capture contactless payment instrument data and perform a cryptographic authentication of the contactless payment instrument. The present disclosure provides a solution that outlines minimum security requirements and evaluation guidance for mobile applications designed to capture data (e.g., a PAN, a cardholder’s name, an expiry data, an EMV cryptogram, etc.) of a contactless payment instrument using short-range communication, such as near-field communication (NFC), and further designed to perform a cryptographic authentication of the payment instrument.
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.
Recommended Citation
Markh, John; Javkin, Ian; Chen, Yeuxi; Paca, Angelito; Tambunan, Victor; Kekicheff, Marc; and Smirnoff, Sergey, "A METHOD TO SECURE A MOBILE PAYMENT APPLICATION SOLUTION ON A CARDHOLDER-OWNED MOBILE DEVICE", Technical Disclosure Commons, (September 26, 2024)
https://www.tdcommons.org/dpubs_series/7381