Deadline Looms for Use of Secure Payment Apps

LAS VEGAS — Retailers have a new compliance deadline to worry about — July 1, 2010, when all merchants must use PA-DSS (payment application data security standard)-compliant software, noted Keith Swiat, director, PA-DSS practice, global compliance services, Trustwave, who spoke this morning here at the Food Marketing Institute Show.

LAS VEGAS — Retailers have a new compliance deadline to worry about — July 1, 2010, when all merchants must use PA-DSS (payment application data security standard)-compliant software, noted Keith Swiat, director, PA-DSS practice, global compliance services, Trustwave, who spoke Tuesday morning here at the Food Marketing Institute Show.

The goal of PA-DSS is to help software vendors and others develop secure payment applications that do not store prohibited data, such as full magnetic stripe, CVV2 or PIN data, and ensure their payment applications support compliance with the PCI DSS. Payment applications that are sold, distributed or licensed to third parties are subject to the PA-DSS requirements.

"All merchants must use PA-DSS-compliant applications, if they are shrink-wrapped, by that date," Swiat said. Merchants who don't meet that deadline may lose their ability to process credit cards or be required to install compliant software, he noted.

Read More of Today's Headlines [3]