| The easiest route to a PA DSS validation |
Vendors that develop or install payment applications should be aware of the Payment Application Data Security Standard (PA DSS), which was issued by the credit card companies and their organisation, the PCI Security Standards Council, in May 2008. |
|
| |
| The standard specifies concrete security requirements with respect to integrators, terminal vendors and other types of software developers to make it easier for banks and shops to achieve compliance with the Payment Card Industry Data Security Standard, PCI DSS. Read more about what is required by PA DSS below. |
| |
| Validating your payment application quickly and effectively |
FortConsult is the only payment application qualifued security assessor in Denmark that is approved by the PCI Council to carry out the assessment procedures required to validate that a payment application is compliant with the PA DSS on behalf of the credit card companies and the acquiring banks. In addition to guiding you safely through the process to obtain PA DSS validation, we can help you to ascertain:
- How you should interpret the security requirements in PA DSS
- Whether you can put your application outside the scope of the PA DSS, e.g. by designing an application that does not process, store or transmit card data
- How you can obtain PA DSS validation in the quickest and most straightforward manner
- How you can minimise your costs associated with obtainining PA DSS validation for your application
|
|
| |
| Our most important piece of advice to you is to gain a full understanding of the PA DSS as soon as possible. This will allow you to know if your payment application needs to be PA DSS validated and have an idea of the changes required to achieve compliance. Incorporating the action plan for obtaining PA DSS validation with your current development strategy will minimize any changes required to make the application compliant and avoid unecessary duplication of effort. |
|
| |
| Contact us at info@fortconsult.net if you wish to know more about PA DSS compliance and how best to go about obtaining PA DSS validation. |
| |
| Benefits - not just strict requirements |
Although it is a requirement for certain vendors that they comply with the PA DSS, there are also a number of benefits associated with being PA DSS validated:
- You will have formal documentation stating that you develop secure software
- You obtain an international stamp of approval by the PCI Council and your software will not prevent PCI DSS compliance
- You can use the PA DSS validation to gain a competitive advantage and simplify the PCI-DSS compliance process for shops and service providers
|
|
| |
| Enterprises that are not subject to PA DSS requirements can also obtain the above benefits - although their names will not be published on the PCI Council's list of approved payment applications. |
|
| |
| You can read more about the security requirements in PA DSS in the links below, as well as how to obtain PA DSS validation in the easiest possible manner. |
