This document provides an overview, risk assessment, minimum security requirements and extended security guidelines for code-scanning payment in which the payer uses a mobile device to operate the payment transaction.

This document is applicable to cases where the payment code is used to initiate a mobile payment and presented by either the payer or the payee.

The following is excluded from the scope of this document:

—     details of payer and payee onboarding;

—     details of the supporting payment infrastructure, as described in 5.1.