Payment Application - Data Security Standard (PA-DSS)
PA DSS relates to any installed application that processes credit card payments within the application. ALL software providers providing installed applications that process credit card applications within the software are (and have been) required to be certified to the PA DSS by July 1, 2010.
Sage Payment Solutions has a custom module that seeks to validate you are using a compliant PA DSS installed application and version.
It is important to note that PA DSS relates to specific VERSIONS of installed software directly involved in the collection, transmission, processing OR storage of credit cards. Many software products were not able to update older versions to meet PA DSS requirements, but they offer newer versions that do. If your installed software version is not PA DSS compliant Visa requires you either upgrade to a PA DSS compliant version – or seek an alternate PA DSS compliant solution.
Sage Exchange and PA-DSS
Although Sage Exchange was designed to be more than just a PA-DSS certified application, its integration with select Sage North America software products was certainly timely.
Sage Payment Solutions enlisted Trustwave in the role of PA-QSA to review and certify the payment application, and Sage Exchange's listing can be found (along with a list of all other currently PA-DSS payment applications) on the PCI Council website: