PCI DSS and PA-DSS

It’s acronym soup out there with all the credit card compliance changes coming for July 1, so I thought an explanation of the difference between these two might be helpful.

PCI DSS standards apply to each merchant who accepts payment via credit cards. There are various rules regarding the securing of credit card information depending on whether you record it on paper, in a computer, or both, and physical security rules also apply if you have credit card terminals.

PA-DSS is the certification being required for commercial applications that process credit cards. This requirement is on the software developers, not the merchants.

Sage is currently in the process of getting certification for MAS 90 and MAS 200 version 4.3 (with update 18) and version 4.4 (with product update 1).
PCCharge is already certified. On the Accpac side, third party providers are getting their apps PA-DSS certified, and Sage is reportedly developing its own Accpac credit card processing module that will be certified when released.

Be Sociable, Share!

Comments are closed.