News

PCI Security Standards Council to Issue Final Version of PA-DSS in First Quarter of 2008

In November 2007, the PCI Security Standards Council adopted a new standard for payment application software: the Payment Application Data Security Standard (PA-DSS). The new standard is based on Visa's Payment Application Best Practices (PABP), and is currently under review by the Council's Board of Advisors. The Council will incorporate their feedback into a final version of the PA-DSS, which is due sometime during the first quarter of this year.

Visa created the PABP to help software vendors develop secure payment applications that do not store prohibited data (e.g., full magnetic stripe, CVV2 and PIN data) and to support compliance with the PCI Data Security Standard (PCI DSS). To date, some 200 products used by a large number of global merchants have been validated against Visa's PABP, and with the Council's adoption of PA-DSS, this number is expected to grow. The PA-DSS is already endorsed by all five global credit card brands: American Express, Discover Financial Services, JCB, MasterCard Worldwide and Visa, Inc.

With criminals becoming more sophisticated, and as payment application vulnerabilities continue to be identified by the Council's membership, the Council's goal is that payment applications adhering to the new standard will minimize the potential for security breaches and resultant fraud. Other components of the PA-DSS standard will be introduced following final publication of the standard. These will include the requirements and training program for Qualified Security Assessors (QSA) and, ultimately, the publication of a list of validated payment applications.

A list of frequently asked questions regarding PA-DSS and the migration of the Visa PABP to the new standard is available on the PCI Security Standards Council's web site at https://www.pcisecuritystandards.org/about/faqs.htm#pa-dss.