Document Comparison
PA-DSS_FAQ_for_Transition_from_v3-0_to_v3-1.pdf
→
PA-DSS-v3_2-Transition-FAQs.pdf
73% similar
2 → 2
Pages
599 → 643
Words
7
Content Changes
Content Changes
7 content changes. 5 administrative changes (dates, page numbers) hidden.
Added
p. 2
(Please see section 5.3 of the PA-DSS Program Guide).
Q6: Can a High Impact, Low Impact, or No Impact Change (per PA-DSS Program Guide v2.0) be submitted to transition a PA-DSS v2.0 application to PA-DSS v3.x? A: No, PA-DSS v2.0 payment applications will need to undergo a full PA-DSS v3.x assessment by a PA-QSA in order for it to be considered for PA-DSS v3.x validation.
Q6: Can a High Impact, Low Impact, or No Impact Change (per PA-DSS Program Guide v2.0) be submitted to transition a PA-DSS v2.0 application to PA-DSS v3.x? A: No, PA-DSS v2.0 payment applications will need to undergo a full PA-DSS v3.x assessment by a PA-QSA in order for it to be considered for PA-DSS v3.x validation.
Modified
p. 1
Payment Card Industry (PCI) Payment Application Data Security Standard Frequently Asked Questions for Transition from PA-DSS v3.0 to v3.1
Payment Card Industry (PCI) Payment Application Data Security Standard Frequently Asked Questions for Transition from PA-DSS v3.1 to v3.2
Removed
p. 2
Q1: When does PA-DSS v3.1 become effective? A: PA-DSS v3.1 is effective June 1, 2015. Application validations to PA-DSS v3.0 will be accepted until August 31st, 2015. Effective September 1, 2015, all new payment applications must be validated against PA-DSS v3.1 (with AOV v3.1).
Applications being validated against PA-DSS v3.0 which are “in queue” (i.e., submitted to the portal with invoice paid prior to September 1, 2015) will have until November 30, 2015 to complete the validation process.
Applications being validated against PA-DSS v3.0 which are “in queue” (i.e., submitted to the portal with invoice paid prior to September 1, 2015) will have until November 30, 2015 to complete the validation process.
Modified
p. 2
Q3: Can a Low Impact change be submitted to transition a PA-DSS v3.0 application to PA-DSS v3.1? A: Yes, a Low Impact change may be submitted as long as the change meets the criteria defined in PA- DSS Program Guide v3.0 for a Low Impact Change, and is accompanied by AOV v3.1.
Q3: Can a Low Impact change be submitted to transition a PA-DSS v3.0 or v3.1 application to PA-DSS v3.2? A: Yes, a Low Impact change may be submitted as long as the change meets the criteria defined in PA-DSS Program Guide v3.2 for a Low Impact Change, and is accompanied by AOV v3.2.
Modified
p. 2
Q4: Can a No Impact change be submitted to transition a PA-DSS v3.0 application to PA-DSS v3.1? A: No; per the PA-DSS Program Guide, No Impact changes are limited to changes that have no impact to PA-DSS Requirements or Payment Application security, PA-DSS related functions, tested platforms, operating systems or dependencies.
Q4: Can a No Impact change be submitted to transition a PA-DSS v3.0 or v3.1 application to PA-DSS v3.2? A: No, Administrative and No Impact changes cannot be used to transition between versions of PA-DSS.
Modified
p. 2
Q5: Can a delta assessment be submitted to transition a PA-DSS v3.0 application to PA-DSS v3.1? A: Yes, as long as the change meets PA-DSS Program Guide v3.0 criteria for a delta assessment, and is accompanied by AOV v3.1.
Q5: Can a delta assessment be submitted to transition a PA-DSS v3.0 or v3.1 application to PA-DSS v3.2? A: Yes, as long as the change meets PA-DSS Program Guide v3.2 criteria for a delta assessment, and is accompanied by AOV v3.2.
Modified
p. 2
Q8: Will the PA-DSS Program Guide be updated as well? A: Yes, from time-to-time, PCI SSC updates the Program Guide and as such a planned publication is forthcoming for general clarifications.