A new twist on PCI DSS: Visa's Payment Application Best Practices
Abstract:Payment Application Best Practices was developed in 2005 by VISA to guide payment application developers that help merchants and agents mitigate compromises, prevent storage of sensitive cardholder data and support overall compliance with the PCI Data Security Standard (PCI DSS). The PCI Security Standard Council has ratified the PABP developed by VISA as a standard and has published the same as Payment Application Data Security Standard (PA-DSS). Under the PABP, 555 products were validated for compliance. Further PCI SSS has added to this list and has published the consolidated list in its website for smooth transition.
PCI SSC is in the process of adding a new provision to its existing PCI DSS mandate picked from PABP developed by VISA. This move by PCI SSC deems to bring in more security in payment application development. This will bring all the vendors of payment application development under the PCI DSS compliance umbrella.
