PA-DSS (Payment Application Data Security Standard) is a set of security standards that were created by the PCI SSC (Payment Card Industry Security Standards Council) to guide payment application vendors to implement secure payment applications.
The attached PA-DSS Implementation Guide instructs merchants, resellers and integrators on how to implement Sage MAS 500 into their environment in a PA-DSS compliant manner.
Click here for PA-DSS Implementation Guide.
For each Product Update, the Release Notes will indicate whether the Product Update has any impact on PA-DSS.
Also, a recorded training presentation provides tips on implementing a credit card solution in a secure environment according to PCI standards.
Click here for training video.
Legal Terms and Conditions
The following legal terms and conditions must be provided to the owner of the software being implemented.
Acceptance of a given payment application by the PCI Security Standards Council, LLC (PCI SSC) only applies to the specific version of that payment application that was reviewed by a PA-QSA and subsequently accepted by PCI SSC (the “Accepted Version”). If any aspect of a payment application or version thereof is different from that which was reviewed by the PA-QSA and accepted by PCI SSC – even if the different payment application or version (the “Alternate Version”) conforms to the basic product description of the Accepted Version – then the Alternate Version should not be considered accepted by PCI SSC, nor promoted as accepted by PCI SSC.
No vendor or other third party may refer to a payment application as “PCI Approved” or “PCI SSC Approved”, and no vendor or other third party may otherwise state or imply that PCI SSC has, in whole or part, accepted or approved any aspect of a vendor or its services or payment applications, except to the extent and subject to the terms and restrictions expressly set forth in a written agreement with PCI SSC, or in a PA-DSS letter of acceptance provided by PCI SSC. All other references to PCI SSC’s approval or acceptance of a payment application or version thereof are strictly and actively prohibited by PCI SSC.
When granted, PCI SSC acceptance is provided to ensure certain security and operational characteristics important to the achievement of PCI SSC’s goals, but such acceptance does not under any circumstances include or imply any endorsement or warranty regarding the payment application vendor or the functionality, quality, or performance of the payment application or any other product or service. PCI SSC does not warrant any products or services provided by third parties. PCI SSC acceptance does not, under any circumstances, include or imply any product warranties from PCI SSC, including, without limitation, any implied warranties of merchantability, fitness for purpose or noninfringement, all of which are expressly disclaimed by PCI SSC. All rights and remedies regarding products and services that have received acceptance from PCI SSC, shall be provided by the party providing such products or services, and not by PCI SSC or any payment brands.
