This week, the PCI Security Standards Council announced the availability of its new Payment Application Data Security Standard (PA-DSS). PA-DSS provides a set of best practices to software vendors for developing secure payment applications that don't store sensitive or private data such as personal identification numbers, and ensure that these applications support standard Payment Card Industry Data Security Standard (PCI DSS) requirements. Once a certification process is established, retailers will be able to purchase applications with a PA-DSS "good housekeeping" seal of approval.
Hmm, what a good idea. Retail companies get the benefit of a third-party audit … Read more