Payment Card Industry Security Standards Council Releases Payment Application Data Security Standard Version 3.2
Today the PCI Security Standards Council (PCI SSC) published a new version of its data security standard for payment software, the Payment Application Data Security Standard (PA-DSS) version 3.2. The Payment Application Data Security Standard is used by payment application vendors to ensure their software products will protect payment card data from theft. Merchants and other businesses globally use “PA-DSS Validated” software to ensure they can safely accept payments, both in-store and online. Using “PA-DSS Validated” software also supports businesses in their efforts to secure payment card data throughout their systems and networks –– which is required by the more comprehensive PCI Data Security Standard (PCI DSS).
PA-DSS version 3.2 aligns with the recent release of PCI DSS version 3.2, both of which address growing threats to customer payment information. Updates to standards are based on feedback from the PCI Council’s more than 700 global Participating Organizations, as well as data breach report findings and changes in payment acceptance.
“Using secure software and making sure that the software is installed and maintained correctly is a critical part of protecting payments,” said PCI Security Standards Council General Manager Stephen Orfei.
Key changes in PA-DSS 3.2 include clarifications to existing requirements and updating requirements to align with PCI DSS v3.2 . The revision also makes updates to the detailed instructions included with vendor products (the “PA-DSS Implementation Guide”), which explain how to configure payment applications properly and in accordance with PCI DSS. These address procedures for secure installation of software patches and updates, and instructions for protecting cardholder data if using debugging logs for troubleshooting, as these can be exploited during a compromise.
“We continue to see how failure to properly configure and patch payment applications exposes organizations to attacks that lead to mass data compromise,” said PCI Security Standards Council Chief Technology Officer Troy Leach. “That’s why in addition to updating PA-DSS to support PCI DSS 3.2, we’ve added more guidance to help integrators, resellers , and others implementing payment software to configure it properly and protect payment account data.”
A full copy of PA-DSS version 3.2, including a Summary of Changes document, Report on Validation (ROV) and Attestation of Validation (AOV) forms are available at: https://www.pcisecuritystandards.org/document_library .
A PCI Perspectives blog post “PA-DSS 3.2: What’s New ” provides more information on changes to the standard and its supporting documents.
About the PCI Security Standards Council
The PCI Security Standards Council is a global forum that is responsible for the development, management, education, and awareness of the PCI Data Security Standard (PCI DSS) and other standards that increase payment data security. Connect with the PCI Council on LinkedIn . Join the conversation on Twitter @PCISSC . Subscribe to the PCI Perspectives Blog.
PCI Security Standards Council
Laura K. Johnson
Information om Business Wire
101 California Street, 20th Floor
CA 94111 San Francisco
Følg pressemeddelelser fra Business Wire
Skrive dig op her og du vil løbende modtage pressemeddelelser på mail. Indtast din mail, klik på abonner og følg instruktionerne i den udsendte mail.
Flere pressemeddelelser fra Business Wire
CA-ANDERSEN-TAX20.2.2018 15:32 | pressemeddelelse
Andersen Tax & Legal Launches in Egypt
SES20.2.2018 15:02 | pressemeddelelse
ETECSA Enhances Connectivity to the Rest of the World with SES Networks
SARTORIUS-AG20.2.2018 15:02 | pressemeddelelse
Proposals of the Supervisory Board to Be Submitted to the Annual General Shareholders' Meeting of Sartorius AG
CA-MONIKER-INC20.2.2018 15:02 | pressemeddelelse
First Dedicated Esports Apparel Brand H4X.gg Unveils Its Debut Line of Performance Gear and Streetwear, Partners with ESL and DreamHack
CA-PUBMATIC20.2.2018 15:02 | pressemeddelelse
New PubMatic Research Shows Private Marketplaces Drive Global Mobile Advertising Growth
IL-NMI20.2.2018 14:06 | pressemeddelelse
NMI Agrees to Acquire Creditcall to Expand EMV and Omnichannel Capabilities
I vores nyhedsrum kan du læse alle vores pressemeddelelser, tilgå materiale i form af billeder og dokumenter, og finde vores kontaktoplysninger.Besøg vores nyhedsrum