Payment Application Data Security Standard (PA DSS) is a subset of Payment Card Industry Data Security Standards (PCI DSS) that is applicable to any payment application. The standard is primarily tailored to ensure that any third-party application that performs Authorization and Settlement and is used by merchants, banks or any financial organization meets all the essential security guidelines as required.
The council put forth the PA DSS security framework for all payment applications developers to follow a secure guideline during the development cycle. In the context of PA-DSS, a software application that stores, processes, or transmits cardholder data as part of authorization or settlement, where the payment application is sold, distributed, or licensed to third parties is called a Payment Application.
Payment Application Data Security Standard (PA DSS) is a PCI SSC managed program for the Payment Applications and applies to software vendors and others who develop payment applications that store, process, or transmit cardholder data as part of authorization or settlement, where these payment applications are sold, distributed, or licensed to third parties. It helps software vendors and others develop secure payment applications.
Companies that are working on the development of Payment Application should follow the requirements as per PA DSS framework. However, the companies that are using such applications still have to comply with PCI DSS compliance as PA - DSS compliance alone does not guarantee protection against a data breach. The PA DSS is designed to help organizations ensure that they achieve PCI DSS Compliance smoothly.
Receive customized consulting to create a plan for current and future compliance efforts. SecurWires offer Consulting, Gap Analysis and Preparedness Services for PA DSS and we have developed channel partnerships with select PA DSS Qualified Security Assessor firms who can utilize the SecurWires reports to help customers get PA DSS Compliance and get listed on PCI SSC listing.
PA DSS and PCI DSS is promoted to establish a consistent and secure process across all entities who handle account data. We propose a stage-wise rollout for PA DSS compliance program starting from the GAP Assessment and then establishing a road-map for Remediation. SecurWires works with you until your application is certified and listed as the validated Payment Applications on the PCI SSC websites. SecurWires approach for achieving PA DSS Compliance is detailed in the following phases:
PA DSS Gap Assessment
Final Validation and Listing