Document Comparison
PA-DSS_Program_Guide_v2_1.pdf
→
PA-DSS_Program_Guide_v2.2.pdf
87% similar
45 → 44
Pages
17296 → 17145
Words
6
Content Changes
Content Changes
6 content changes. 47 administrative changes (dates, page numbers) hidden.
Added
p. 28
vii. Updates to transmission protocols to meet PCI SSC’s definition of strong cryptography.
Note: In order to qualify as a low impact change, the change may only impact PA-DSS requirements applicable to secure transmission protocols (for example, PA-DSS requirements 6, 8.2, 10.2.3, 11, 12). In order to qualify for this change, the payment application must only support secure protocols; support for vulnerable protocols (e.g., SSL and early versions of TLS) must be removed or disabled as part of the change.
Note: In order to qualify as a low impact change, the change may only impact PA-DSS requirements applicable to secure transmission protocols (for example, PA-DSS requirements 6, 8.2, 10.2.3, 11, 12). In order to qualify for this change, the payment application must only support secure protocols; support for vulnerable protocols (e.g., SSL and early versions of TLS) must be removed or disabled as part of the change.
Modified
p. 1
Payment Card Industry (PCI) Payment Application Data Security Standard (PA-DSS) Program Guide Version 2.1
Payment Card Industry (PCI) Payment Application Data Security Standard (PA-DSS) Program Guide Version 2.2
Modified
p. 29 → 28
v. Inclusion of minor updates or patches to supported middleware with which the Payment Application was previously validated; and
v. Inclusion of minor updates or patches to supported middleware with which the Payment Application was previously validated;
Modified
p. 29 → 28
vi. Recompilation of unchanged code base with either the same compiler using different flags or with a completely different compiler.
vi. Recompilation of unchanged code base with either the same compiler using different flags or with a completely different compiler; and
Modified
p. 30
New Validation: If the Vendor wishes the application to remain on the Acceptable for New Deployments List on the Website, the Vendor must contact a PA-QSA Company to have the
New Validation: If the Vendor wishes the application to remain on the Acceptable for New Deployments List on the Website, the Vendor must contact a PA-QSA Company to have the Payment Application fully re-evaluated against the then-current version of the PA-DSS. Use of the Minor Change process to achieve this goal is not permitted.
Modified
p. 33 → 32
All ROVs and other materials must be submitted to PCI SSC in English or with certified English translation.
Note: All ROVs and other materials must be submitted to PCI SSC in English or with certified English translation.