PCI/mobile technology question/survey

["Semmens, Theresa" <theresa.semmens () NDSU EDU>]

Is your institution is using mobile technology (smart phone/tablet/Ipad) to do credit card transactions?

If so, what standards have you implemented, i.e., specific technology, when and where it can be used, who is allowed to 
do it (bookstore, athletics, dining services, etc.), security protocols in place?

If you are using a third party to accept and validate transactions who are you using?  (intuit, square, VeriFone, etc.)

If you can add, what technologies and vendors do your acquiring banks recommend?

NDSU entities (bookstore, athletics) are pushing to use mobile technology for credit card transactions.  I realize that 
PCI has not yet ruled on this, but I am also aware that it being done.  I would like as much information as possible to 
make an informed recommendation to our departments that want to implement it and if it can't be implemented I need to 
provide strong validation.  They are not willing to accept the comment, "PCI has not ruled on this technology, 
therefore...."

Theresa Semmens


Theresa Semmens, CISA
NDSU Chief Information Technology Security Officer
NDSU Dept. 4510
210D IACC, PO Box 6050
Fargo, ND 58108-6050
Office: 701-231-5870
Cell: 701-+212-2064
Theresa.Semmens () ndsu edu<mailto:Theresa.Semmens () ndsu edu>
www.ndsu.edu/its/security<http://www.ndsu.edu/its/security>