Contact FortConsult if you wish to know: - How to interpret the security requirements in PA DSS - Whether you have the option of exemption from PA DSS certification - How to be PA DSS validated in the quickest and most straightforward manner - How you can minimise your costs in qualifying for PA DSS validation We can also help you obtain PA DSS vali- dation. FortConsult is the only Danish enterprise which is certified by the credit card companies to both conduct audits and security scans of enter- prises' critical payment systems in accordance with PCI DSS - and to check security in payment software in accordance with PA DSS. The exact security requirements for each enterprise and the exact timetable for satisfying the requirements for your particular enterprise are issued by your customers' acquiring bank on behalf of the credit card companies and the PCI Council. In Sweden, for example, it is Pannordic which lays down the security requirements and specifies the exact deadlines for compliance with PA DSS on the Swedish market. In Denmark it is PBS who does the same.   In addition to the requirements from the acquiring bank, you will probably experience added pressure from your customers that need your software to be validated in accordance with PA DSS. Your customers - shops - also have to be security validated - but in their case in accordance with the PCI DSS. If your software is PA DSS compliant, your customers can not be prevented from being PCI DSS compliant.   In our experience, many shops are in the process of finding out how to respond to the PCI DSS and their most important task is to ensure that their applications are secure in order to avoid the risks and possible claims for damages from the credit card companies that may result from a hacker attack. They will thus probably contact their application vendor in order to discuss security very soon, if they have not already done so.   PBS and Pannordic are initially focusing on the fact that vendors of credit card terminals and cash tills have to comply with PA DSS. However, we expect that VISA will also specify requirements with regard to other types of software vendors at a later date.   FortConsult's role in relation to security requirements is to provide advice to enterprises such as yours so that you can be validated in the quickest and most straightforward manner possible. Firstly, to provide you with an overview of the areas in which you comply with PA DSS (or not) and secondly to perform a security check and audit on behalf of the credit card companies when your solution is ready to be checked.   If you require further information, e.g. concerning the security requirements in Nordic countries other than Denmark and Sweden, you are welcome to contact us.   You can read more about the security requirements in PA DSS in the following, as well as how to obtain PA DSS validation in the easiest possible manner.   About PA DSS Who has to comply with PA DSS? Who does not have to comply with PA DSS? Who lays down the security requirements? What are the security requirements? Benefits of PA DSS validation FortConsult and PA DSS Get a good overall perspective as soon as possible How to prepare for PA DSS validation Contact us - PCI DSS certified in 2004 to perform security scans as the first and only company in Scandinavia. - PCI DSS certified in 2005 to conduct audits as the first and only company in Scandinavia. - Chosen by the bank sector in Denmark to help all Danish bank data centres to acquire PCI DSS validation due to our early PCI DSS certification, our considerable experience in the PCI area and our extensive knowledge of the financial sector. - Permanent PCI DSS service provider to all Danish banks needing PCI DSS assistance. - Has carried out PCI DSS tasks for some of the biggest retail chains in Scandinavia at international level. - Is today the leading PCI DSS service provider in Scandinavia and the Baltic. We have, for instance, certified more than 60 percent of the enterprises on VISA's list of validated Scandinavian service providers. - PA DSS certified in 2008 as the first and only company in Denmark - and among the first 14 in the world.