The CardPower mobile app is a secure product for the following reasons:
- The mobile application does not store any protected cardholder data (such as debit or credit card numbers, PIN, CVV/CVV2, etc.).
- It only displays a payment card using common publicly used references such as the last 4 digits of the card number and the cardholder name.
- By design, the mobile application does not contain any information that is subject to PCI-DSS or PA-DSS rules, because it can be downloaded and run on any unprotected device.
- The user provides login credentials and passes them to the authentication server without storing any passwords internally.
- In case of lost mobile devices, the user login for the CardPower mobile app can be remotely deactivated, thereby stopping any unauthorized access.