PCI CPoC
E723416
PCI CPoC (Contactless Payments on COTS) is a PCI Security Standards Council program and standard that defines security and compliance requirements for accepting contactless card payments on commercial off-the-shelf mobile devices without a dedicated payment terminal.
Statements (47)
| Predicate | Object |
|---|---|
| instanceOf |
PCI SSC program
ⓘ
payment security standard ⓘ |
| acronymFor | PCI Contactless Payments on COTS NERFINISHED ⓘ |
| appliesTo |
commercial off-the-shelf smartphones
ⓘ
commercial off-the-shelf tablets ⓘ |
| assessmentBy | PCI-recognized laboratories ⓘ |
| assessmentResult | listing of approved CPoC solutions by PCI SSC ⓘ |
| defines |
compliance requirements for contactless payments on COTS devices
ⓘ
security requirements for contactless payments on COTS devices ⓘ |
| developedBy | PCI Security Standards Council NERFINISHED ⓘ |
| domain |
information security
ⓘ
payment card security ⓘ |
| excludes | dedicated payment terminals ⓘ |
| focusesOn |
commercial off-the-shelf mobile devices
ⓘ
contactless card payments ⓘ |
| fullName | PCI Contactless Payments on COTS NERFINISHED ⓘ |
| geographicScope | global ⓘ |
| governs | use of NFC interfaces on COTS devices for payments ⓘ |
| hasComponent |
Back-end monitoring and attestation requirements
ⓘ
CPoC Application requirements ⓘ CPoC Solution Provider requirements ⓘ |
| includes |
requirements for data protection and encryption
ⓘ
requirements for device and application integrity checks ⓘ requirements for logging and monitoring ⓘ requirements for secure software development practices ⓘ requirements for vulnerability management ⓘ |
| industry | payments industry ⓘ |
| objective |
enable secure contactless payments on COTS devices
ⓘ
protect cardholder data during contactless transactions ⓘ provide a framework for assessing CPoC solutions ⓘ |
| publisher | PCI Security Standards Council NERFINISHED ⓘ |
| relatedTo |
PCI DSS
NERFINISHED
ⓘ
PCI MPoC NERFINISHED ⓘ PCI PTS NERFINISHED ⓘ PCI SPoC NERFINISHED ⓘ |
| requires |
attestation of application integrity
ⓘ
incident response procedures for CPoC solutions ⓘ real-time monitoring of the CPoC environment ⓘ secure lifecycle management of the CPoC application ⓘ secure management of cryptographic keys ⓘ |
| scope | card-present contactless transactions on COTS devices ⓘ |
| status | superseded by PCI MPoC for new solutions ⓘ |
| supports | EMV contactless transactions ⓘ |
| targetAudience |
acquirers
ⓘ
merchants using COTS devices for contactless payments ⓘ payment service providers ⓘ solution providers ⓘ |
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.