PCI PA DSS Compliance: What’s New?
Merchants who are not aware about PCI compliance are now much more baffled about PCI PA-DSS compliance. The PA-DSS compliance stands for the Payment Application- Data Security Standard which has also its own rules and regulations.
PCI compliance was confusing enough for most online business owners in the e-commerce industry and now with this new PA-DSS, they’re really scratching their heads!
The deadline imposed plus the new compliance that needs to be adhered to and accomplished isn’t good news for businesses involved in e-commerce. Even if there’s no established legal proceedings for those business organizations who would not, can’t or simply refuse to comply, there remains a large fine that they’ll need to pay. It’s a bit overwhelming for some and seemingly unfair to others. In some cases, non-compliance would even result in termination of their services or even worse…closure of their business.
The confusion among business establishments came when the issue about what kind of company or what nature of business should achieve PA-DSS compliance sprouted. Knowing who or what company should comply is actually a bit complicated to identify because the term PCI DSS and PA-DSS functions are sort of overlapping each other. But to let you understand further, the companies that need to comply with PA-DSS are those establishments wherein the payment applications are sold, distributed, or licensed to third parties. In-house payment applications developed by merchants or service providers that are not sold to a third party are not subject to the PA-DSS requirements, but must still be secured in accordance with the PCI DSS.
If you are an online business vendor or e-commerce merchant then it is very necessary for you to ensure that the site you are hosting is PCI compliant and that you’re using a PA-DSS compliant shopping cart. If you don’t comply in the requirements imposed, then your business would surely be in trouble. Many business industries are even waiting to get certified and to be added in the list of those who have achieved compliance for them to establish more trust with their clients. I fear more and more companies will not achieve compliance in time and thus put their online businesses at risk.
During the initial SSL e commerce launches in the mid 90’s, the public had to be educated as to what was considered “safe” when it came to conducting business online. Everyone put little golden lock icons and buttons on their sites to help ensure the safety of performing transactions on their sites. Still today, the consumer is not 100% educated on e commerce and falls victim to identity theft to the tune of $40 billion a year.
Forcing PA-DSS compliance is a step in the right direction.
If you own an e-commerce business then you must comply with new PCI PA-DSS and get verified as soon as possible. If you’re an online client, do not use any shopping cart that does not comply with PA-DSS in order to avoid inevitable fees.
Author Bio: Marc Trimble is a web developer and CEO of West7th Design and Development (www.west7th.net). With over 17 years of internet experience, Marc Trimble helps small business and non profits succeed online using,a PA-DSS compliant shopping cart and other web 3.0 technologies.
Category: Business
Keywords: