The Payment Card Industry Data Security Standards (PCI DSS) poses significant challenges for most point of sale or ecommerce application developers. Included in the PCI DSS is the requirement for merchants to utilize payment applications which have been certified compliant with the Payment Application Data Security Standards(PA DSS). Visa® has posted a deadline of July 1st 2010 for all payment applications to validate PA DSS compliance.

For a payment application handling sensitive cardholder data (even if only momentarily) to remain commercially viable, it must achieve PA DSS compliance and not interfere with a merchants ability to achieve PCI DSS compliance. This generally means costly annual PA DSS audits, significant programming to ahdere to the Payment Application Data Security Standards and considerable man hours consumed by PA DSS compliance remediation.

If you're a payment application developer and you need to validate PA DSS compliance, Payment Logistics has your solution. Instead of spending countless man hours consumed by PA DSS compliance audits and PA-DSS compliance remediation, you can integrate with Paygistix Client and completely remove your payment application from the scope of the Payment Application Data Security Standards.

By partnering with Payment Logistics, you can either eliminate your payment application's scope of PA DSS compliance or reduce your payment application's scope of PA DSS compliance to a managable level.

Payment Logistics offers the following two options for dealing with the Payment Application Data Security Standards (PA DSS) while helping your clients deal with the Payment Card Industry Data Security Standards (PCI DSS).

Option1 – Eliminate the scope of PA DSS compliance with Paygistix Client: By integrating our PA DSS compliance tool Paygistix Client with your point of sale system, you can reduce or completely eliminate the scope of PADSS compliance your application is subject to. Because Paygistix Client controls the credit and debit card processing hardware drivers, your system only needs to supply non sensitive transaction data such as the amount and Paygistix Client will collect and process the sensitive cardholder data so your payment application doesn't have to. By allowing Paygistix Client to handle all sensitive cardholder data, you remove your application from the scope of PA DSS compliance so you can focus on revenue generating activies. Option2 – Minimize the scope of compliance with Tokenization: By integrating your payment application directly with the Paygistix payment gateway using our “Path To PA DSS Compliance” integration supplement and sample code, you can reduce the scope of PA DSS compliance to a management level. With this option, your payment application still handles the initial transmission of sensitive cardholder data to the Paygistix payment gateway, but instead of storing credit card account numbers after the initial transmission you store tokens in their place. The tokens can be used to perform ALL functions you once relied on a card number for. Achieving PA DSS compliance becomes much easier when you simply store cardholder data tokens instead of actual cardholder data.

Visit the Paygistix Developers Portal to learn more about our integration solutions and how you can remove your application from the scope of PA DSS compliance and PCI DSS compliance.