I've loaded my production cards into my Apple Pay or Android Pay wallets, and I am using these to generate test transactions in my test environment, does this put me in PCI scope?
I've loaded my production cards into my Apple Pay or Android Pay wallets, and I am using these to generate test transactions in my test environment, does this put me in PCI scope?
No. When you load your cards into digital wallets the card number (PAN) is tokenized into a network token or Device PAN (DPAN). Network tokens can be handled within your test and production environments without introducing PCI scope.
More information on Network tokenization and PCI scope can be found here on the PCI Council website:
For more information about Payment Tokens, refer to the EMVCo website:
No. When you load your cards into digital wallets the card number (PAN) is tokenized into a network token or Device PAN (DPAN). Network tokens can be handled within your test and production environments without introducing PCI scope.
More information on Network tokenization and PCI scope can be found here on the PCI Council website:
https://pcissc.secure.force.com/faq/articles/Frequently_Asked_Question/How-does-PCI-DSS-apply-to-EMVCo-Payment-Tokens
For more information about Payment Tokens, refer to the EMVCo website:
www.emvco.com