PA DSS Validation

PCI DSS may be the buzz word but there are other standards council is promoting. PA DSS falls in second to PCI DSS. PCI also has PA-DSS, PCI – PTS Suite of Standards, P2PE and the Card Production Standards.The PA-DSS has indeed been branched off from the PCI-DSS standard and tailored to suite applications, which are present in the PCI-DSS environment. The standard applies more to application vendors than to anyone dealing with card data. The first thing you would like to know is all the applications which are present in the PCI-DSS environment does not have to be PA-DSS certified.

PA-DSS applies only to

  • Applications which participate in authorization and / or settlement and
  • Applications which are sold off the shelf

In PA-DSS lingo ‘Authorization’ refers to the payment authorization by the issuing bank. The application should participate in authorization to an extent that it receives the track data and sensitive authentication data and processes it to complete the process of authorization. To clarify a bit more, this means your application will not be eligible to list with PCI Council if you don’t meet the above criteria.

However, that does not stop you from doing the right things for your application. Supporting your customers security and compliance program is integral in having a secure customer base. All these associated applications which sits in the scoped PCI environment will be evaluated against the payment application development guidelines as part of your client security program. PA DSS is one among the matured standards in the industry to evaluate the application against, showcases the security index of your application.


Pop up

We use cookies and other tracking technologies to improve your browsing experience on our website, to show you personalized content and targeted ads, to analyze our website traffic, and to understand where our visitors are coming from. While using our website, we may ask you to provide us with certain personally identifiable information, that can be used to contact you about our service offerings. By browsing our website, you consent to our privacy and cookies policy.