Diff: FAQ #1020
How does the PCI PA-DSS integrate with the PCI Data Security Standard (DSS)?
Earlier Version (2008-02-28 00:00:00 UTC)

The requirements for the Payment Application Data Security Standard (PA-DSS) have been derived from the Payment Card Industry Data Security Standard (PCI DSS). This document details what is required for a merchant to be PCI DSS compliant (and therefore what a payment application must support to facilitate a merchant’s PCI DSS compliance). Traditional PCI DSS compliance may not apply to payment application vendors since most vendors do not store, process, or transmit cardholder data. However, because these payment applications are used by merchants to store, process, and transmit cardholder data, and merchants are required to be PCI DSS compliant, payment applications should facilitate, and not prevent, merchants’ PCI DSS compliance. Just a few of the ways payment applications can prevent a merchant’s compliance are: 1) storage of magnetic stripe data in the merchant’s network after authorization; 2) applications that require merchants to disable other features required by PCI DSS, such as anti-virus software or firewalls; and 3) vendors that use unsecured methods to connect to the application to provide support to the merchant.

Later Version (2012-04-05 22:02:08 UTC)

Traditional PCI DSS compliance may not apply to payment application vendors since most vendors do not store, process, or transmit cardholder data. However, because these payment applications are used by merchants to store, process, and transmit cardholder data, payment applications should facilitate, and not hinder, merchants’ PCI DSS compliance. The Payment Application Data Security Standard (PA-DSS) requirements are derived from the Payment Card Industry Data Security Standard (PCI DSS). This document details requirements to define what a payment application must support to facilitate a customer’s PCI DSS compliance.

Secure payment applications, when implemented in a PCI DSS-compliant environment, will minimize the potential for security breaches leading to compromises of cardholder data or sensitive authentication data. However, use of a PA-DSS compliant application does not by itself make an entity PCI DSS compliant, since that application must be implemented into a PCI DSS compliant environment and in accordance with the PA-DSS Implementation Guide provided by the payment application vendor (per PA-DSS Requirement 13).