Latest changes to PCI SSC frequently asked questions.
New application validations and High Impact Changes using PA-DSS 2.0 are no longer accepted. Low Impact and No Impact Changes to listed applications that were previously validated using PA-DSS 2.0 …
The Expiry Date for PA-DSS Validated Payment Applications is the date by which a vendor must have the application reassessed against the current PA-DSS requirements in order for the application …
PCI DSS version 3.0 is effective from January 1st, 2014, and all entities should be working towards compliance with the latest PCI standards as soon as they are …
PCI DSS version 2.0 expires on December 31st, 2014, and any PCI DSS 2.0 validations must be completed prior to this date. PCI DSS version 3.0 is effective …
New validations and High Impact Changes using PA-DSS v3.1 will be accepted until 31 August 2016. Low Impact and No Impact Changes to listed applications that were previously validated to …
Test FAQ
PCI DSS Requirement 8 addresses secure authentication requirements and requires that all passwords and other authentication credentials be securely managed. These requirements apply to all non-consumer users and administrators. The …
Fees for validation services are set independently by the PA-QSAs.
The PCI Security Standards Council will make reasonable efforts to evaluate global coverage for both QSAs and ASVs, and will attempt to identify and encourage participation by qualified parties to …Payment Application Qualified Security Assessors (PA-QSAs) are qualified by the Council to validate payment applications for compliance to PA-DSS. A list of PA-QSAs is available on the Council website. A …