Steps to Compliance

Payment Application Best Practices (PABP) was formalized on April 15, 2008, by the PCI SSC as the Payment Applications Data Security Standards (PA-DSS) and thus became a fully enforceable standard that software developers must comply with.

Software developers can choose to become compliant by hiring a Payment Application Qualified Security Assessor (PA-QSA). With an initial cost of tens of thousands of dollars plus regular audits, applications and potential remediation, this option is often too expensive and burdensome for most software developers.

Ideally, software developers should limit their compliance burden by limiting or eliminating the scope of compliance. By reducing or eliminating the number of PA-DSS requirements that apply to their software, developers can reduce their cost of development while providing payment options to their end-users that will help these merchants stay compliant with PCI DSS.

Software developers that choose not to meet these standards open themselves to financial liability for the merchants that use their software and, ultimately, to financial ruin. Software sales to merchants will eventually decline or even disappear, as merchants will refuse to accept the burden of financial liability that non-compliant software brings with it.

Eliminate the PA-DSS Burden

Eliminate the high financial costs and the extensive burden on your other valuable resources that are associated with PA-DSS compliance by completely removing your software from the scope of assessment.

Contact a Compliance Expert

The road to PCI DSS and PA-DSS compliance can be time-consuming, treacherous and filled with pitfalls. Contact a compliance expert for guidance.