PA-DSS
PA-DSS Standard
Retired on 28 October 2022
The Payment Application Data Security Standard (PA-DSS) is retired as of 28 October 2022 and has been superseded by the Secure Software Standard and the Secure Software Lifecycle Standard. All PA-DSS applications are now expired and are listed under Validated Payment Applications at the drop-down menu “Acceptable Only for Pre-Existing Deployments.” Questions about the use of expired software should be directed to your acquirer or the payment brands.
Note
The PA-DSS Standard was retired on 28
October 2022.
Important Information
Secure Software Standard
The Secure Software Standard offers
security requirements for software vendors and developers to ensure the secure design and management of payment software, and to protect the integrity of payment transactions and the
confidentiality of all payment card data that is stored, processed, or transmitted in
association with payment transactions.
The Secure Software Lifecycle Standard
Search Product Listings
Resources
Training Information
The Secure Software Assessor course provides instruction on how to perform assessments of payment software in accordance with the Secure Software Requirements and Assessment Procedures (PCI Secure Software Standard). This training will provide you with an understanding of the requirements with corresponding assessment procedures and guidance for the development of secure payment software.
The Secure Software Lifecyle (Secure SLC) Assessor course provides instruction on how to perform assessments of entities in accordance with the Secure Software Lifecycle (Secure SLC) Requirements and Assessment Procedures (PCI Secure SLC Standard). This training will provide you with an understanding of the requirements with corresponding assessment procedures and guidance for payment software vendors to design, develop, and maintain secure payment software throughout the software lifecycle.
Knowledge Training courses are designed to bridge the knowledge gap between organizations and assessors by providing learning opportunities for individuals to take the same training and exam as the Assessor. Upon successful completion of training, learners will be given an acknowledgement of completion as well as the option to complete the exam and receive a digital badge.
Get your team trained together! We are pleased to offer all our PCI training programs as either in-person or remote Instructor-led eLearning. Learn directly from an instructor with hands-on experience in the field of payments security. Your organization will receive all the benefits of an instructor-led training class, at a time and place most convenient for you and your staff.
Compliance programs for all PCI SSC standards are managed by the payment brands. Questions about which entities need to validate compliance to any PCI SSC standard, or whether use of a PCI-listed product is required and for which entities, should be referred to the payment brands. Contact information for the payment brands is in FAQ #1142.
