• New PCI Compliance Quiz Released
• Announcing Hosted Payments

  

• FAQs
• PCI Compliance Guide
• Video Library
• Case Studies
• Testimonials

Compliance is one of those 'cost of entry' requirements. With Element, we don't have to do a thing to help meet that requirement. For the merchant, it's wonderful – if they're running our software, they're more assured of compliance."

Anthony Ramirez,
Application Development Engineer,
Harms Software Inc.

Recognizing that more and more criminals "are targeting vulnerabilities in payment applications to steal payment card data," the PCI Security Standards Council has released Version 1.1 of the Payment Application Data Security Standard (PA-DSS.)

While merchants and anyone else handling payment card transactions must also comply with PCI DSS, commercially available software that handles such information must comply with PA-DSS (formerly known as the Payment Application Best Practices (PABP). PA-DSS is meant to help software vendors develop secure payment applications that do not store prohibited data, such as full magnetic stripe, other sensitive authentication data or PIN data, and ensure their payment applications support compliance with PCI DSS.

The Element Express Processing Platform helps software providers meet many of the key PA-DSS requirements. Its PASS (Payment Account Secure Storage) capability, for example, allows applications to securely store cardholder data off-site in Element's PCI DSS compliant infrastructure. Element is committed to helping software providers comply with PA-DSS requirements, and uses the insights gained through its membership on the PCI DSS Security Standards Council to develop technology that helps software providers achieve such compliance.