Overview:
PA DSS is the Council-managed program designed to help software vendors and others develop secure payment applications that do not store prohibited data. All Payment Applications either licensed and distributed to third parties and merchants, or created by third parties and merchants are subject to the PA DSS Requiremnets.
Visa has their own payment application security standard programs for merchant assistance. Navigate through their weblinks for their most current information.
Phase |
Compliance Mandates |
Effective Date |
| I | Newly boarded merchants must not use known vulnerable payment applications, and VisaNet Processors (VNPs) and agents must not certify new payment applications to their platforms that are known vulnerable payment applications | 1/1/08 |
| II | VNPs and agents must only certify new payment applications to their platforms that are PABP-compliant | 7/1/08 |
| III | Newly boarded Level 3 and 4 merchants must be PCI DSS compliant or use PABP-compliant applications | 10/1/08 |
| IV | VNPs and agents must decertify all vulnerable payment applications | 10/1/09 |
| V | Acquirers must ensure their merchants, VNPs and agents use only PABP-compliant applications | 7/1/10 |
Click the link below to visit our Merchant Obligations section for more detailed information on your obligations and contractional responsibilities as a merchant.
