So I’m not doing booth duty at RSA this year. Instead I’m sitting in my cube reading RSA blogs, looking through RSA press releases, and listening to RSA podcasts, including the PCI Security as a Lifecycle podcast by Bob Russo, General Manager, PCI Security Standards Council. Like other PCI watchers, I was surprised that the standards organization wasn’t using RSA to make a splash with updated guidelines for mobile payment card acceptance.

After all everyone else is racing to deliver mobile payment apps. PayPal reached $4 billion worth of mobile payments last year, up from $750 million in 2010. The nationwide rollout of Starbucks’s mobile payment system in

Jan of 2011 resulted in three million payments from iPhones and Blackberries. Even regular banks are getting in on the act. I still chuckle at Drew Brees’ son wrecking havoc on the neighborhood with his kicking skills and dad sending mobile payments via Chase Person-to-Person QuickPay. Earlier this month Fast Company ran a story about Barclays with the title “Mobile Payments For Everyone.

With all that hype, it may seem odd that Russo is stressing the importance of building in security. On the other hand, it occurred to me while watching the Barclays video about their mobile apps, that they have taken the lessons of PCI to heart, i.e. it’s not really about checking off a compliance box once a year. It’s about building security into how you do business. So maybe Russo does have his eye on the right ball after all.

Anyway, I think it’s time for me to sneak in another round of Veracode Defender...

About Jasmine Noel

At Veracode, Jasmine’s efforts are focused around market research, content development and sales enablement efforts. Previously, Jasmine was a founding partner of Ptak/Noel, an industry analyst and marketing consulting firm. Prior to that she also served as director of systems and applications management at Hurwitz Group, and senior analyst at D.H. Brown Associates. Jasmine holds a bachelor of science from the Massachusetts Institute of Technology and a master of science from the University of Southern California.

Comments (0)

Please Post Your Comments & Reviews

Your email address will not be published. Required fields are marked *

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.