If you are a payment software developer or integrator of commercialized payment applications which will be used in an environment that is subjected to PCI DSS compliance, you should consider assessing your payment application against the PCI Payment Application Data Security Standard (PCI PA-DSS). This standard was created to help software vendors develop secure payment applications to be sold, distributed or licensed to third parties.
Merchants are motivated to use PA-DSS validated payment applications in their payment environment to help with their PCI DSS compliance obligation and reduce cybersecurity risk.
PCI has published two new requirements documents for PCI Software Security, which will eventually replace PA-DSS. The audit requirements allow for companies to pre-validate their security development processes, to reduce the burden of ongoing compliance, and the testing requirements allow for the direct assessment of the security posture of a particular software component or product.
- PCI PA-DSS Compliance Support
- PCI PA-DSS Strategy and Implementation
- PCI PA-DSS Training
- PCI PA-DSS Gap Assessment
- PCI PA-DSS Formal QSA Assessment