Details ... deadlines ... data security standards ... The Payment Card Industry can make life difficult for even the most compliance-conscious campus. Relax. TouchNet has the resources needed to restore order and sanity in the realm of payment data security.
What is PA-DSS?
Payment Application Data Security Standard (PA-DSS) is the certification that all vendor applications which accept, process, or store payment card information must meet. Unlike the PCI DSS, this is a standard for software developers.
As a merchant, you are required to use PA-DSS certified applications for all of your vendor solutions which take payment. These applications must comply with the PA-DSS standard.
What is PCI-DSS?
Payment Card Industry Data Security Standards (PCI DSS) is a detailed set of security requirements that applies to all merchants with regard to payment card acceptance. If you take credit card payments anywhere in your institution, you are a merchant. All merchants are required to be compliant with PCI DSS standard.
Are Your Vendors Certified?
Think of all of the applications that accept credit card payments for your institution. Every place a credit card number is entered, processed, or stored is considered a payment application and must be PA-DSS compliant. TouchNet is fully certified for compliance with both PA-DSS and PCI DSS. If you have payment applications provided by other third party vendors, here is the link to the official website to see if they are compliant. The PCI Council's website has a complete Validated Payment Applications list.
Who's in Charge of the PCI-DSS & PA-DSS?
The PCI Security Standards Council is in charge of maintaining both sets of standards. The Council was formed by the major payment card brands American Express, Discover Financial Services, JCB, MasterCard Worldwide and Visa Inc. to provide a transparent forum in which all stakeholders can provide input into the ongoing development, enhancement, and dissemination of the Data Security Standard.