In addition to the 2010 requirement for your business to certify to its level (1-4) of Merchant compliance with the
Payment Card Industry Data Security Standard (PCI-DSS), two new requirements have been added. They include:
Payment Application - Data Security Standard (PA-DSS) requires that any software that stores, processes or transmits credit card data must be PA-DSS certified, effective July 1, 2010. Coupled with this, as a merchant, if you use a software product to store, process or transmit credit card data, also effective July 1, 2010, when asked by your Merchant Acquirer (credit card processor), you must validate that the software you are using is PA-DSS certified.
Payment Card Industry - PIN Entry Device (PCI-PTS) requires all PIN terminal manufacturers to ensure their PIN Entry Devices are PCI-PTS compliant, effective July 1, 2010. Coupled with this, as a merchant, if you are using a PIN Entry Device to process debit card transactions, then also effective July 1, 2010, when asked by your Merchant Acquirer (credit card processor), you must validate that the terminal you are using is PCI-PTS compliant.
Merchant Acquirers (like Sage Payment Solutions) are required to ensure that these requirements are validated, in addition to ensuring all merchants meet their annual PCI-DSS certification.
Please select a topic below to learn more: