Press Release

New ControlScan Mobile Payment Research: SMBs Rapidly Adopting mPOS While Forgoing Basic Mobile Security Measures

ControlScan 2014 Mobile Payment Acceptance Survey finds SMBs expect their mobile device, mPOS solution to be inherently secure

ATLANTA, Sept. 17, 2014 - ControlScan, a leading provider of security and compliance solutions for small and mid-sized businesses, has released a new report detailing the company's latest research findings on mobile technology adoption among its SMB customers. The report, Mobile at the Point of Sale: How SMBs are Adopting Mobile Devices to Accept Card-Present Payments, is based on input from more than 6,000 US-based SMBs responding to the company's 2014 Mobile Payment Acceptance Survey.

ControlScan's annual Mobile Payment Acceptance Survey helps ISOs, acquirers and other merchant service providers (MSPs) gauge mobile technology usage and requirements among the SMBs they serve. This year, ControlScan added a new series of questions to benchmark mobile SMBs' data security awareness and security-related processes. MSPs can use these findings to better understand and address their mobile merchants' security vulnerabilities, thereby reducing their business risk.

"We discovered that the majority of mobile SMBs are simply not concerned about data security as it relates to their business's mobile device usage," said ControlScan CEO Joan Herbig. "For example, 63% said they're not at all concerned about the security of the payment card data they're transmitting via mobile, yet 78% of these merchants are using the same mobile devices for other Internet-based tasks, such as surfing the Web and checking and sending email.

ControlScan's trending data shows that the percentage of SMBs using a mobile device to accept card-present payments has more than doubled within the last two years. In addition, tablet adoption is on a growth path, while smartphone usage is leveling off. Still, the Apple iPhone comes out on top at 55% penetration among the 2014 survey respondent group.

"Apple Pay is certainly entering the market at an opportune time, because like the everyday consumer, the SMB merchant is ready to go mobile," Herbig said. "In addition, Apple seems to have conducted its due diligence on the security layers surrounding its solution, which will be critical for long-term success."

In its research report, ControlScan recommends that merchant service providers reduce risk by pairing security measures with their mobile payment solutions. The company suggests adding mobile device management solutions that provide additional control over the device, such as locate, lock and wipe functionality (for lost or stolen devices), as well as vulnerability and configuration scanning similar to that which is required for traditional payment systems by the Payment Card Industry Data Security Standard (PCI DSS).

"SMBs expect security to be factored into the mobile point-of-sale solution they choose, so MSPs need to fulfill that expectation," Herbig said.

ControlScan partnered with eight leading merchant service providers to conduct the 2014 Mobile Payment Acceptance Survey. The complete research report includes an in-depth discussion of the survey's key findings, question-by-question commentary and practical recommendations for MSP organizations. Download a complimentary copy of the mobile payment research report here.

About ControlScan
Headquartered in Atlanta, ControlScan delivers unified security and compliance solutions that help small and mid-sized businesses secure sensitive data and comply with information security and privacy standards. We support business owners, franchisees and merchant service providers with technology, services and expertise for PCI DSS, HIPAA and EI3PA compliance; vulnerability detection and risk mitigation; POS, e-commerce and mobile security; and more. For more information, please visit or call 1-800-825-3301.