3

Can someone help me understand how the PCI Timeout rules change for an application like the Starbucks App? A user is able to keep their card open ready for scan for longer the 15 minutes if needed, but PCI A11y AA also requires to display a message giving the user a chance to react and keep the session alive.

I understand and have implemented it from an e-commerce approach but am a bit confused on the e-wallet approach.

Conor Mancone
  • 29,899
  • 13
  • 91
  • 96
Vinny
  • 31
  • 2
  • 1
    Which document are you referencing? They have a lot of documentation on various things, and I'm not sure which one you're referring to. It's quite possible that the difference is that the _cardholder_ isn't subject to any PCI requirements, so an app they use doesn't have to deal with that. But without knowing the specific document/rule, I can't confirm that. – Bobson Feb 08 '20 at 23:52

0 Answers0