Document Comparison
aov_pa-dss_form.pdf
→
pa-dss_attestation_of_validation.pdf
83% similar
4 → 3
Pages
655 → 710
Words
13
Content Changes
Content Changes
13 content changes. 4 administrative changes (dates, page numbers) hidden.
Added
p. 2
Lead QSA Contact Name: Title:
POS Suite POS Admin Shopping Cart & Store Front POS Face-to-Face Payment Middleware Others (please specify): POS Kiosk Payment Back Office POS Specialized Payment Gateway/Switch Target Market for Application:
POS Suite POS Admin Shopping Cart & Store Front POS Face-to-Face Payment Middleware Others (please specify): POS Kiosk Payment Back Office POS Specialized Payment Gateway/Switch Target Market for Application:
Added
p. 3
Part 3c. PA-QSA and Application Vendor Acknowledgments Signature of Application Vendor Executive Officer Date Application Vendor Executive Officer Name Title Application Vendor Company Represented Signature of Lead PA-QSA Date Lead PA-QSA Name Title 1 Magnetic Stripe Data (Track Data)
• Data encoded in the magnetic stripe or equivalent data on a chip used for authorization during a card-present transaction. Entities may not retain full magnetic stripe data after authorization. The only elements of track data that may be retained are account number, expiration date, and name. 2 The three- or four-digit value printed on the signature panel or face of a payment card used to verify card-not- present transactions. 3 PIN Data
• Data encoded in the magnetic stripe or equivalent data on a chip used for authorization during a card-present transaction. Entities may not retain full magnetic stripe data after authorization. The only elements of track data that may be retained are account number, expiration date, and name. 2 The three- or four-digit value printed on the signature panel or face of a payment card used to verify card-not- present transactions. 3 PIN Data
Modified
p. 1
Payment Card Industry (PCI) Payment Applicaton Data Security Standard (PA-DSS) Attestation of Validation Version 1.2
Payment Card Industry (PCI) Payment Application Data Security Standard Attestation of Validation Version 2.0
Removed
p. 2
Lead PA-QSA Contact Name:
Modified
p. 2
Part 1. Payment Application Qualified Security Assessor (PA QSA) Company Information Company Name:
Part 1. Payment Application Vendor and Qualified Security Assessor Information Part 1a. Payment Application Vendor Information Company Name: DBA(s):
Modified
p. 2
State/Province: Country: ZIP:
State/Province: Country: Zip:
Modified
p. 2
State/Province: Country: ZIP:
State/Province: Country: Zip:
Modified
p. 2
Part 2. Payment Application Vendor Information Company Name:
Part 1b. Payment Application Qualified Security Assessor (PA-QSA) Company Information Company Name:
Modified
p. 2
Part 2a. Payment Application Information List Payment Application Name(s) and Version Number(s) included in PA-DSS review:
Part 2. Payment Application Information List Payment Application Name(s) and Version Number(s) included in PA-DSS review:
Modified
p. 2
Payment Application Functionality (check all that apply): Point of Sale Shopping Cart Card-Not-Present Middleware Settlement Gateway: Automated Fuel Dispenser Others (please specify):
Payment Application Functionality (check all that apply):
Removed
p. 3
Part 3c. PA-QSA and Application Vendor Acknowledgments Signature of Lead PA-QSA Date Lead PA-QSA Name Title Signature of Application Vendor Executive Officer Date Application Vendor Executive Officer Name Title Application Vendor Company Represented 1 Magnetic Stripe Data (Track Data)
• Data encoded in the magnetic stripe used for authorization during a card- present transaction. Entities may not retain full magnetic stripe data after authorization. The only elements of track data that may be retained are account number, expiration date, and name. 2 The three- or four-digit value printed on the signature panel or face of a payment card used to verify card-not- present transactions. 3 PIN Data
• Personal Identification Number entered by cardholder during a card-present transaction, and/or encrypted PIN block present within the transaction message.
• Data encoded in the magnetic stripe used for authorization during a card- present transaction. Entities may not retain full magnetic stripe data after authorization. The only elements of track data that may be retained are account number, expiration date, and name. 2 The three- or four-digit value printed on the signature panel or face of a payment card used to verify card-not- present transactions. 3 PIN Data
• Personal Identification Number entered by cardholder during a card-present transaction, and/or encrypted PIN block present within the transaction message.
Modified
p. 3
Fully Validated: All requirements in the ROV are marked “in place,” thereby (Payment Application Name(s) and Version(s)) has achieved full validation with the Payment Application Data Security Standard.
Part 3a. Confirmation of Validated Status: (each item to be confirmed) Fully Validated: All requirements in the ROV are marked “in place,” thereby (Payment Application Name(s) and Version(s)) has achieved full validation with the Payment Application Data Security Standard.
Modified
p. 3
Note: Section 3b is for the required Annual Attestation for listed payment applications, and should ONLY be completed if no modifications have been made to the Payment Application covered by the above-referenced ROV.
Note: Section 3b is for the required Annual Attestation for listed payment applications, and should ONLY be completed if no modifications have been made to the Payment Application covered by the above-referenced ROV. For the annual re-validation, the software vendor can complete, sign, and submit this form. The PA-QSA is not required to sign the annual re-validation.