Payment Card Industry Payment Application – Data Security Standard

PA-DSS is the Council-managed program formerly under the supervision of the Visa Inc. program known as the Payment Application Best Practices (PABP). The goal of PA-DSS is to help software vendors and others develop secure payment applications that do not store prohibited data, such as full magnetic stripe, CVV2 or PIN data, and ensure their payment applications support compliance with the PCI DSS. Payment applications that are sold, distributed or licensed to third parties are subject to the PA-DSS requirements. In-house payment applications developed by merchants or service providers that are not sold to a third party are not subject to the PA-DSS requirements, but must still be secured in accordance with the PCI DSS.

The PCI DSS was founded in December 2004 by 5 major card brands – American Express, Discover Financial Services, JCB International, Master Card and Visa Inc. In 2006, the card brands formed the PCI Security Standards Council (PCI SSC), an independent council established to maintain and update the PCI standards.

The standard was agreed by the major card brands as a common, consistent and secure minimum level of protection to be applied by all organizations that process, store or transmit cardholder data to safeguard payment card data and payment card customers. PCI DSS applies to card payments accepted in person, over the phone or online.

Course Objective
The course objective is to make participants understand the requirements of PCI-DSS &PA-DSS so that they are able to guide and assess secure application development as per the requirement of PCI-DSS &PA-DSS.

Who Should Attend PA-DSS Training?

  • Auditors involved in PCI-DSS audits
  • Managers or Consultants responsible for PCI-DSS compliance.
  • IT Professionals involved in implementation of PCI-DSS compliance.
  • Risk and Project Managers.
  • Advisors in PCI-DSS.
  • External Auditors forPCI DSS.

Benefits of Attending PA-DSS Training

  • Thorough understanding ofPCI-DSS & PA-DSS requirements.
  • Ability to suggest and implement security controls.
  • Gaining expertise and skills to effectively auditPCI-DSS.
  • Better Management& planning of PCI-DSS Compliance.
  • Better management of internal or third party auditors.
  • Be able to prepare for third party audits.
  • Expertise to contribute in improving system.

Course Content Overview

  • Introduction
  • Scope of PA-DSS
  • PA QSA Requirements
  • PA-DSS V3.2
  • PA DSS Requirements& Security Assessments
  • Testing Laboratory Configuration