PA-DSS Compliance


The Payment Application Data Security Standard (PA-DSS) is a set of security requirements developed by the Payment Card Industry Security Standards Council (PCI SSC) that direct how commercial payment applications must capture, storage, process and transmit sensitive cardholder data.

The PA-DSS applies to software companies and integrators of applications that are sold, distributed or licensed to third parties and have functions that that store, process or transmit cardholder data as part of authorisation or settlement . Applications built and used only in-house are not subject to the PA-DSS but they have requirements under the PCI DSS Compliance Program.

In order to be validated to the PA-DSS, providers are required to maintain compliance to the PA-DSS requirements, be assessed by a PA-DSS QSA and submit a Report on Validation (ROV) and Attestation of Validation to the Standards Council.

What PA DSS services does Securus Global provide?
We assist organisations understand what it is they need to do to become PA-DSS complianct, help them do it to achieve validation and most importantly get and stay on the on the list of PA-DSS sanctioned applications maintained by the PCI Standards Council.

The Securus Global PA-DSS Compliance and Audit teams will work with you to understand your requirements, identify compliance gaps and evaluate solutions and processes and minimise the impact of the audit and compliance process on your business.

Most importantly, Securus Global will provide the Report on Validation (ROV) and accompanying Attestation of Validation required by the PCI Standards Council to be a sanctioned application.

Securus Global as a reputable and thorough security testing provider an also assist with penetration testingdevelopment of policies and standards as required by the PA-DSS, reviews, training and development of developers and other solutions that can assist you in meeting all of the requirements.